Decentralized Identity Frameworks for Role-Based Access Control in Financial Software Systems

Abstract

Decentralized identity (DID) solutions are emerging as robust alternatives to traditional identity management systems, particularly in security-sensitive financial environments. This paper proposes a blockchain-enabled decentralized identity framework that strengthens role-based access control (RBAC) in financial software platforms. By leveraging verifiable credentials, self-sovereign identity principles, and smart contract-based access policies, the framework ensures secure authentication, granular privilege assignment, and immutable access tracking. Integrating Ethereum smart contracts with SAP business modules, the prototype demonstrates automated identity validation, tamper-proof audit trails, and transparent access logging aligned with regulatory compliance mandates such as GDPR and SOX. The system’s architecture reduces administrative overhead, minimizes identity spoofing risks, and enhances traceability across financial workflows. Experimental evaluation reveals improved consistency in access enforcement, reduced authentication latency, and greater resistance to role-escalation attacks. By combining decentralized identity standards with enterprise-grade RBAC models, the proposed solution provides a scalable and compliant approach for modern financial software securit.