https://ojs.wiserpub.com/index.php/CNC <p><em>Computer Networks and Communications </em>(<a href="https://ojs.wiserpub.com/index.php/CNC/" target="_blank" rel="noopener"><em>CNC</em></a>) is an international, peer-reviewed, open access journal in science and technology for original research papers focused on networks and communications, published biannually online by Universal Wiser Publisher (<a href="https://www.wiserpub.com/" target="_blank" rel="noopener">UWP</a>).</p> <p><strong>&gt;</strong> fully open access - free for readers<br /><strong>&gt;</strong> no article processing charge (APC) paid by authors or their institutions until 2025<br /><strong>&gt;</strong> thorough double-blind peer-review<br /><strong>&gt;</strong> free post-publication promotion service by the Editorial Office</p> Universal Wiser Publisher en-US Computer Networks and Communications 2972-4619 https://ojs.wiserpub.com/index.php/CNC/article/view/4281 <p>The sharing of private information is a daunting, multifaceted, and expensive undertaking. Furthermore, identity management is an additional challenge that poses significant technological, operational, and legal obstacles. Present solutions and their accompanying infrastructures rely on centralized models that are susceptible to hacking and can hinder data control by the rightful owner. Consequently, blockchain technology has generated interest in the fields of identity and access control. This technology is viewed as a potential solution due to its ability to offer decentralization, transparency, provenance, security, and privacy benefits. Nevertheless, a completely decentralized and private solution that enables data owners to control their private data has yet to be presented. In this research, we introduce DeAuth, a novel decentralized, authentication and authorization scheme for secure private data transfer. DeAuth combines blockchain, smart-contracts, decentralized identity, and distributed peer-to-peer (P2P) storage to give users more control of their private data, and permissioning power to share without centralized services. For this scheme, identity is proven using decentralized identifiers and verifiable credentials, while authorization to share data is performed using the blockchain. A prototype was developed using the Ethereum Blockchain and the InterPlanetary Files System, a P2P file sharing protocol. We evaluated DeAuth through a use-case study and metrics such as security, performance, and cost. Our findings indicate DeAuth to be viable alternative to using centralized services; however, the underlying technologies are still in its infancies and require more testing before it can supplant traditional services.</p> Phillipe Austria Yoohwan Kim Ju-Yeon Jo Copyright (c) 2024 Phillipe Austria, et al. https://creativecommons.org/licenses/by/4.0/ 2024-07-05 2024-07-05 1–46 1–46 10.37256/cnc.2220244281