[**_A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems_**](https://arxiv.org/pdf/1908.00929.pdf) NIST CYBERSECURITY WHITE PAPER (DRAFT) BLOCKCHAIN IDENTITY MANAGEMENT APPROACHES
JULY 9, 2019
> Identity management systems (IDMSs) are widely used to provision user identities while managing authentication, authorization, and data sharing both within organizations as well as on the Internet more broadly. Traditional identity systems typically suffer from single points of failure, lack of interoperability, and privacy issues such as encouraging mass data collection and user tracking. Blockchain technology has the potential to support novel data ownership and governance models with built-in control and consent mechanisms, which may benefit both users and businesses by alleviating these concerns; as a result, blockchain-based IDMSs are beginning to proliferate. This work categorizes these systems into a taxonomy based on differences in architecture, governance models, and other salient features. We provide context for the taxonomy by describing related terms, emerging standards, and use cases, while highlighting relevant security and privacy considerations.
[Identity Management with Blockchain: The Definitive Guide (2019)](https://tykn.tech/identity-management-blockchain/)
> Learn everything about how Blockchain is used for Identity Management. This Definitive Guide to Identity Management with Blockchain has the answers.
> If ledger isn’t used, then every issuer of a credential has to maintain infrastructure or contract service provider to respond to DID resolution & revocation requests. And, credential issuers would know when the credential was used, impacting privacy.
<iframesrc="https://channel9.msdn.com/Shows/Blocktalk/Decentralized-Identity-and-Blockchain/player"width="640"height="360"allowFullScreenframeBorder="0"title="Decentralized Identity and Blockchain - Microsoft Channel 9 Video"></iframe>
[Identity and Distributed Ledger - Today and Tomorrow - June 26 | Identiverse 2019](https://www.youtube.com/watch?v=l04AHP7kPPw)
[Distributed Ledger Technologies, IAM, and the Truth in Things - June 27 | Identiverse 2019](https://www.youtube.com/watch?v=VV2rLgH9TUE) - Robert Brown
[Decentralized Identity: Intersection of Identity and Distributed Ledger - June 25 | Identiverse 2019](https://www.youtube.com/watch?v=bjlnZyMTf1M) - Preeti Rastogi
* [Identity at Coinbase: Welcoming the Distributed Systems team](https://blog.coinbase.com/identity-at-coinbase-welcoming-the-distributed-systems-team-d929dd64de2e) [[**ϟ**](https://www.wired.com/story/coinbase-distributed-systems-acquisition/)]
* [Shocard](https://shocard.com/) — "Blockchain-Based Mobile Identity Platform" [[**ϟ**](https://medium.com/shocard/why-shocard-is-the-premier-blockchain-based-mobile-identity-platform-6fad15410106)]
* [Dapp Framework Melo One to use Civic](https://www.cryptoninjas.net/2018/08/30/dapp-framework-menlo-one-to-use-civic-for-blockchain-identity-verification/)
* [I/O Digital Foundation](https://iodigital.io/) [**[**wp**](https://simplebooklet.com/iocoinwhitepaper#page=0)**]
* "offers a Proof-of-Stake blockchain called Decentralised Input Output Name Server (DIONS). It will enable applications such as identity and alias registration, storage of legal documents, key exchange, and encrypted messaging."
* [Gemalto and R3 pilot blockchain for SSID](https://www.cryptoninjas.net/2018/09/18/gemalto-and-r3-pilot-blockchain-technology-for-self-sovereign-digital-id-network/#.W6drpckvGLU.twitter)
* "network allows anyone to store structured data on a smart contract blockchain. Data can optionally be bought and sold on a marketplace using the DAT token. Datum leverages BigchainDB and IPFS as data storage backends. All data is encrypted and protected using AES256-GCM.
* [Pro-civis](https://procivis.ch) — "e-government as a service" platform called "eID+". It enables citizens to get an official, electronic Citizen-ID on a mobile app.
* The platform includes the [Vetri](https://vetri.global/) wallet and marketplace. 'Earn extra income and rewards by joining the data economy.'"
* [We can do better than selling our data](http://blogs.harvard.edu/doc/2018/09/18/data/)-Doc Searls(*IIW*)
* [ONTology](https://ont.io/) [[**G**](https://github.com/ontio/ontology-DID)]— "a "Distributed Trust Network" which combines a cross-chain identity system, peer-to-peer data transmission, data authorization mechanisms, distributed data storage, attestation, and various industry-specific modules. It also includes an Ontology Crypto Package (OCP) and an Ontology Marketplace (OM)."
* a network of computers that collectively maintain a global registry of domain names, public keys, and cryptographic hashes. With this registry, Blockstack serves as a decentralized domain name system (DNS) and a decentralized public key infrastructure (PKI).
* [Onename](https://onename.com/) — "a product built on Blockstack that allows people to register identities"
* [App Mining](https://app.co/mining)
* [Launch HN: Stacks (YC S14) – The first SEC-qualified crypto token offering](https://news.ycombinator.com/item?id=20413420) -news.ycombinator
* [Introducing Clarity, a language for predictable smart contracts](https://blog.blockstack.org/introducing-clarity-the-language-for-predictable-smart-contracts/)
* [Extending Existing Blockchains with Virtualchain](https://www.zurich.ibm.com/dccl/papers/nelson_dccl.pdf)
* [Breaking Down Blockstack—Whitepaper Review](https://tokeneconomy.co/breaking-down-blockstack-whitepaper-review-3c828788f3e9)
* [Breaking Down Blockstack— Stack Tokens](https://tokeneconomy.co/breaking-down-blockstack-pt-2-stack-tokens-7718578cfeae)
>BNS nodes are compliant with the emerging Decentralized Identity Foundation protocol specification for decentralized identifiers (DIDs).
>Each name in BNS has an associated DID. The DID format for BNS is:
> `did:stack:v0:{address}-{index}`
* [Blockstack DID Spec](https://github.com/blockstack/blockstack-core/blob/master/docs/blockstack-did-spec.md)[[**ϟ**](https://forum.blockstack.org/t/did-method-at-identity-foundation/4287)]
* [Bringing decentralized identity to traditional apps](https://www.larrysalibra.com/blog/adding-blockstack-auth-to-discourse/)
>TL;DR: In this technical post for developers, I walk through how we added Blockstack ID support to the Discourse forum software.
Handshake is a UTXO-based blockchain protocol which manages the registration, renewal and transfer of DNS top-level domains (TLDs). Our naming protocol differs from its predecessors in that it has no concept of namespacing or subdomains at the consensus layer. Its purpose is not to replace DNS, but to replace the root zone file and the root servers.
>Handshake is public blockchain that will serve as a global list of top-level domain names. By pointing your browser to resolve requests via the Handshake network instead of at your local DNS resolving server, you’ll essentially be looking up websites’ IP addresses on the Handshake blockchain, instead of those maintained on DNS resolvers that are centralized. - [The Case for Handshake](https://medium.com/amentum/the-case-for-handshake-9b0af0d989fe) A Compelling Bid to Decentralize Domain Names
Steven McKie
>Many fail to realize that DNS is already decentralized, with the exception of a single, critical component, of which trust is centralized: the root zone, or simply, a collection of top level domains (TLDs). And this trust anchor is kept by a small federation of authoritative bodies, where ICANN is currently the ultimate authority. - [Everything You Didn’t Know About the Handshake Naming System](https://hackernoon.com/everything-you-didnt-know-about-the-handshake-naming-system-how-this-blockchain-project-will-483464309f33)
>Certificate Authorities in the DNS network constructed the way it is today are the trusted stewards for the operation of the Internet. These stewards, as explained in the project paper, are profit-maximizing entities. Meaning, ICANN has no altruistic incentive to act honestly, yet has every incentive to maintain its natural monopoly over the riches that come with governing a critical layer of the Internet. And even if CAs intend to be good stewards, the premise of the decentralization movement posits that we should not ever need to rely on any single authority, especially one that acts as the gatekeeper to the highway of all human knowledge - [Everything You Didn’t Know About the Handshake Naming System](https://hackernoon.com/everything-you-didnt-know-about-the-handshake-naming-system-how-this-blockchain-project-will-483464309f33)
* [Handshake: An experimental peer-to-peer root DNS (handshake.org)](https://news.ycombinator.com/item?id=17676312) -news.ycombinator.com
>This seems like a neat idea but the economics are that of a for profit business, and I think we learned that handing domains to a for profit (NetworkSolutions) was a bad idea.
>7% going to contributors and 7% going to financial backers is a pretty big incentive. [0]
>I’d rather see this set up as a non profit foundation or a community driven trust and run in an OSS way for the financial elements. As it is, I don’t think we should create a decentralized network with such significant financial incentives.
> This is a formatted and annotated version of the original Handshake whitepaper hosted by Namebase, a Handshake registrar and exchange. Last updated November 29, 2018.
>If you have questions about the whitepaper, message the Telegram group or email whitepaper@namebase.io and we will add a relevant annotation to the whitepaper.
* [handshake-org/hdns](https://github.com/handshake-org/hdns) - Handshake-capable DNS module for node.js
* [handshake-org/bcuckoo](https://github.com/handshake-org/bcuckoo) - Cuckoo Cycle in pure javascript
* [handshake-org/blog](https://github.com/handshake-org/blog) - the Handshake project's blog
* [handshake-org/faucet-tool](https://github.com/handshake-org/faucet-tool) - A tool to generate mnemonic seeds, keys and addresses for the Handshake Faucet
* [handshake-org/hndshkBot](https://github.com/handshake-org/hndshkBot) - IRC Bot for developer faucet
* [handshake-org/libhns](https://github.com/handshake-org/libhns) -C library for resolving handshake names (fork of c-ares)
* [Sovereign](http://sovereign.software/)[[**G**](https://github.com/DemocracyEarth/sovereign)], a blockchain direct democracy tool using "vote" tokens to grant democratic participation rights to every human. A proof-of-individuality (POI) process based on peer-to-peer validation establishes that a self-sovereign identity is uniquely tied to a single person. Cooperation is happening with other decentralized identity initiatives such as Blockstack and uPort.
* [The Social Smart Contract](https://github.com/DemocracyEarth/paper#The_Social_Smart_Contract)[[**ϟ**](https://www.dropbox.com/s/sifogl4zimwkkei/Democracy%20Earth%20-%20Social%20Smart%20Contract%20-%20Paper%20v0.2.pdf?dl=0)] An Initial Rights Offering from Democracy Earth Foundation.
* [Yellow Jackets on the Sovereign Platform](https://words.democracy.earth/yellow-jackets-on-the-sovereign-platform-bdebe6d62ae1)
* [Meet the Dad Who Registered His Daughter’s Birth on the Blockchain](https://www.coindesk.com/meet-the-dad-who-registered-his-daughters-birth-on-the-blockchain) [[**ϟ**](https://www.coindesk.com/humans-on-the-blockchain-why-crypto-is-the-best-defense-against-ai-overlords)]
>we worked with councils, senates, non profits, student centers, political parties, corporations.. but implementing real digital governance at scale really took off with crypto networks. our partnership with @blockstack is our biggest milestone of 2018. -[Santi](https://twitter.com/santisiri/status/1076259390154592256)