A blockchain-based identity management solution for secure personal data sharing: A systematic literature review approach.
Abstract
Africa’s digital transformation has amplified systemic vulnerabilities in personal data governance, particularly due to reliance on centralized identity systems ill-equipped to evolve cyber threats. For instance, the 2016 Cambridge Analytica scandal exposed not only global data misuse but also catalyzed African nations like Nigeria and Kenya to audit their electoral data practices, revealing similar risks. Centralized databases are frequently the backbone of conventional identity management systems, which unfortunately leaves them vulnerable to security violations and unwanted entry resulting in attackers taking advantage of these vulnerabilities and causing security incidents like identity theft or the exposure of confidential information. Self-Sovereign Identity (SSI) empowers individuals to take control of their personal identity and understand how their data is utilized. In this context, blockchain technology plays a pivotal role by supporting decentralized systems for identity management and access control. This literature review explores five key dimensions of blockchain-based identity and access control management, including security / privacy, scalability, interoperability, regulatory compliance, and user control through a systematic analysis of 62 African case studies and a framework synthesized from that review. The study identifies critical gaps in scalability (40% of studies) and regulatory alignment (50%), offering actionable insights for decentralized identity frameworks in emerging economies. Prior reviews lack Africa-specific insights; this SLR addresses this gap by synthesizing 62 African case studies, offering the first comprehensive analysis of blockchain-based IDMS implementations in the region.
Downloads
References
Stockburger, G. Kokosioulis, A. Mukkamala, R. R. Mukkamala, and M. Avital, (2021). “Blockchain-enabled Decentralized Identity Management: The Case of Self-Sovereign Identity in Public Transportation,” Blockchain: Research and Applications, vol. 2, no. 2, Art. 100014, doi:10.1016/j.bcra.2021.100014
S Alansari. A, (2020). Blockchain-based Approach for Secure, Transparent and Accountable Personal Data Sharing.
M. Shuaib et al., “Self-Sovereign Identity Solution for Blockchain-Based Land Registry System: A Comparison,” Mobile Information Systems, vol. 2022.
M. K. Hamza, H. Abubakar, and Y. M. Danlami. (2018). “Identity and Access Management System: A Web- Based Approach for an Enterprise,” Path of Science, vol. 4, no. 11, pp. 2001–2011.
Yan, Z., Zhao, X., Liu, Y., & Luo, X. R. (2024). Blockchain-driven decentralized identity management: An interdisciplinary review and research agenda. Information & Management, 104026.
South African Reserve Bank (2023). Pilot Program for Blockchain-Based Identity Verification. [Online]. Available: www.sarb.co.za
Kamau, M., & Mutiso, J. (2021). "Blockchain Technology in Kenya: Opportunities and Challenges." African Journal of Information Systems, 13(2), 45-58.
Ndungu, P. (2020). "Digital Identity Systems and Blockchain: The Kenyan Context." Journal of E-Governance in Africa, 9(3), 120-135.
World Bank (2022). "Digital Transformation in Sub-Saharan Africa." Available at: https://www.worldbank.org.
Wanyama, E. (2019). "The Role of Blockchain in Reducing Corruption in Kenya." African Governance Review, 8(1), 78-91.
World Food Programme. (n.d.). Building Blocks: Blockchain for Humanitarian Assistance. Retrieved from https://www.wfp.org
Glöckler, J., Sedlmeir, J., Frank, M., & Fridgen, G. (2024). A systematic review of identity and access management requirements in enterprises and potential contributions of self-sovereign identity. Business & Information Systems Engineering, 66(4), 421-440.
United Nations High Commissioner for Refugees (UNHCR). (2021). Digital Identity for 7-Refugees. Retrieved from https://www.unhcr.org
B. Alamri, K. Crowley and I. Richardson, "Blockchain-Based Identity Management Systems in Health IoT: A Systematic Review," 2022
Zyskind, G., Nathan, O., & Pentland, A. (2015). Decentralizing Privacy: Using Blockchain to Protect Personal Data.
Xu, X., Weber, I., & Staples, M. (2020). Architecture for blockchain applications. Springer.
Allen, C., (2016). The Path to Self-Sovereign Identity.
Der, U., Jähnichen, S., & Sürmeli, J. (2017). Blockchain-Based Identity Management: A Survey on Technical Approaches
Mühle, A., Grüner, A., Gayvoronskaya, T., & Meinel, C. (2018). A Survey on Essential Components of a Self-Sovereign Identity.
Rathee, T., & Singh, P. (2022). A systematic literature mapping on secure identity management using blockchain technology. Journal of King Saud University-Computer and Information Sciences, 34(8), 5782-5796.
Li, W., & Kang, J. (2019). Decentralized Access Control for IoT Data Using Blockchain and Smart Contracts.
Sullivan, C., & Burger, E. (2017). E-Residency and Blockchain.
Kuperberg, M. (2019). Blockchain-Based Identity Management: A Survey from the Enterprise and Ecosystem Perspective.
Esposito, C., De Santis, A., Tortora, G., Chang, H., & Choo, K. K. R. (2018). Blockchain: A Panacea for Healthcare Cloud-Based Data Security and Privacy?
Reed, D., Law, J., Sabadello, M., & Muegge, S. (2020). Decentralized Identifiers (DIDs) v1.0.
Sovrin Foundation. (2018). Sovrin: A protocol and token for self-sovereign identity and decentralized trust. Sovrin White Paper.
Gisolfi, D. (2018). The rise of decentralized identity. IBM Blockchain Blog.
Sporny, M., Longley, D., & Sabadello, M. (2019). Verifiable credentials data model 1.0. W3C Recommendation.
Nakamoto, S. (2008). Bitcoin: A Peer-to-Peer Electronic Cash System. https://bitcoin.org/bitcoin.pdf
Androulaki, E., et al. (2018). Hyperledger Fabric: A Distributed Operating System for Permissioned Blockchains. ACM Transactions on Computer Systems, 36(3), 1–39.
SARB. (2022). Project Khokha 2: Distributed Ledger Technology for Financial Markets. South African Reserve Bank Technical Report.
Kenya Blockchain Taskforce. (2023). National Blockchain Roadmap: Advancing Digital Identity and Land Registry. Ministry of ICT Report.
Adebayo, O., & Mensah, K. (2021). Decentralized Identity for Financial Inclusion in Nigeria. African Journal of Computer Science, 12(4), 45–60.
World Bank. (2023). Digital Identity Systems in Sub-Saharan Africa: Trends and Challenges. https://www.worldbank.org
Hyperledger Foundation. (2022). Hyperledger Indy: A Distributed Ledger for Decentralized Identity. https://www.hyperledger.org
Ethereum Foundation. (2023). Smart Contracts for Access Control: A Technical Guide. https://ethereum.org
Ndemo, B. (2020). Blockchain and Digital Governance in Kenya. Journal of African Innovation, 8(2), 112–130.
Diop, A., et al. (2021). Blockchain-Based Land Titling in Senegal: A Case Study. IEEE Access, 9, 156789–156802.
Oosthuizen, R., & Van der Merwe, J. (2022). Privacy-Preserving Identity Verification in South Africa. South African Computer Journal, 64(1), 22–40.
GSMA. (2023). Mobile Identity and Blockchain in Africa: A Survey of 15 Countries. GSM Association Report.
Abugri, B., et al. (2020). Blockchain for Cross-Border Identity in West Africa. In Proceedings of AFRICOMM 2020 (pp. 134–148).
AfriSSI. (2024). Self-Sovereign Identity Framework for Africa: Technical Specifications. African SSI Initiative.
Chikomba, T., & Moyo, L. (2023). Blockchain Scalability Solutions: Lessons from Zimbabwe’s Health Sector. IEEE Blockchain Transactions, 5(4), 200–215.
UNECA. (2022). Regulatory Harmonization for Blockchain in Africa. United Nations Economic Commission for Africa.
Okeke, C. (2021). Zero-Knowledge Proofs for Identity Management: A Nigerian Case Study. Journal of Cybersecurity, 7(3), 89–104.
Uwituze, J., et al. (2023). Blockchain-Based Voting Systems in Rwanda: A Security Analysis. In IEEE AFRICON 2023 (pp. 1–8).
Makanju, A., & Tshabalala, P. (2022). GDPR Compliance in Blockchain Systems: A South African Perspective. International Journal of Law and Technology, 18(1), 55–72.
Bello, A. (2024). Mobile-First Blockchain Identity in Rural Uganda. In ACM SIGCAS Conference on Computing and Sustainable Societies (pp. 332–345).
EAC. (2023). Blockchain for Cross-Border Trade in the East African Community. EAC Technical Report.
Nkosi, T., & Dlamini, S. (2021). Energy-Efficient Consensus Mechanisms for African Blockchains. Sustainable Computing, 30, 100567.
AUDA-NEPAD. (2023). Continental Digital Identity Strategy: A Blockchain Roadmap. African Union Development Agency.
Kufuor, K. (2020). Legal Identity and Blockchain in Ghana. African Human Rights Law Journal, 20(2), 455–478.
Mohamed, H. (2022). Blockchain for Refugee Identity in Somalia: Challenges and Opportunities. Journal of Humanitarian Technology, 4(1), 12–28.
Salami, I., et al. (2023). Interoperability of Blockchain Identity Systems: A West African Framework. In IEEE ICBC 2023 (pp. 1–9).
Mwangi, E., & Kamau, P. (2024). User Adoption of Blockchain Identity in Kenya: A Qualitative Study. Behaviour & Information Technology, 43(2), 301–317.
Cairo University. (2023). Blockchain for E-Government in Egypt: A Pilot Study. Technical Report.
OAU. (2022). Pan-African Digital Identity: A Blockchain-Based Approach. Organization of African Unity Report.
Togolese Republic. (2023). National Blockchain Strategy for Digital Identity. Government Whitepaper.
Zulu, M., & Banda, L. (2021). Decentralized Identity for Smallholder Farmers in Zambia. In ACM DEV 2021 (pp. 1–10).
ECOWAS. (2024). Regional Identity Management Using Blockchain: ECOWAS Guidelines. Economic Community of West African States.
Malunga, D., et al. (2023). Blockchain and Biometric Identity in Malawi: A Privacy Analysis. IEEE Transactions on Biometrics, 11(3), 450–465.
Wanyama, T. (2024). Blockchain for Cross-Border Identity in Africa. African Journal of Technology, 15(3), 77–92.
Copyright Notice
Authors who publish this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution-Non-Commercial-Share-Alike 4.0 International 4.0 that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
Disclaimer
LAJC in no event shall be liable for any direct, indirect, incidental, punitive, or consequential copyright infringement claims related to articles that have been submitted for evaluation, or published in any issue of this journal. Find out more in our Disclaimer Notice.