diff --git a/_posts/application/2023-06-16-use-cases.md b/_posts/application/2023-06-16-use-cases.md new file mode 100644 index 00000000..95c9e95b --- /dev/null +++ b/_posts/application/2023-06-16-use-cases.md @@ -0,0 +1,161 @@ +--- +title: SSI Use-Cases +description: Industries are already digging in. Here are some of the most visible and promising use cases. +excerpt: > + The general problem statement here is, as you will have noticed, not about proving who you are but about proving what you are. I need to know you have a line of credit, a pilot’s licence or a diploma from a top ten dental school. I do not care who you are +layout: single +permalink: application/use-cases/ +canonical_url: 'https://decentralized-id.com/application/use-cases/' +categories: ["Application"] +tags: ["Content Attribution","Events","Climate","Bots","IAM","Reputation","Workplace","Record Keeping","Energy Systems","Property Management","Gaming","Business","Career","Security","Banking","Loyalty Programs"] +last_modified_at: 2023-06-18 +--- + +## General +* [A Solution Looking for a Problem? Digital ID Solves a Million of Them](https://www.forbes.com/sites/davidbirch/2022/08/09/solution-looking-for-a-problem-digital-id-solves-a-million-of-them/?sh=4d1d6bb4fd7f%C2%A0) 2022-08-09 David Birch, Forbes + > The general problem statement here is, as you will have noticed, not about proving who you are but about proving what you are. I need to know you have a line of credit, a pilot’s licence or a diploma from a top ten dental school. I do not care who you are, unless something goes wrong, it which case law enforcement or professional bodies take over. + > + > Here, then, there is most definitely a problem looking for a solution and we already know what the solution is: verifiable credentials (VCs). +* [25+ Proof of Concepts (PoCs) for Verifiable Credentials](https://academy.affinidi.com/25-proof-of-concept-poc-for-verifiable-credentials-edf684b592f2) 2021-05-20 Affinidi + > Today, we proudly present another 25+ Proof of Concepts for VC implementation. These use cases are a compilation of the [submissions](https://affinidipocathon.devpost.com/) (in no particular order) made by the participants of the Affindi PoCathon 2021. +* [Self-Sovereign Identity: More Use Cases](https://www.bankinfosecurity.com/self-sovereign-identity-more-use-cases-a-16448) 2021-04-22 BankInfoSecurity Heather Dahl and Ken Ebert of Indicio + > In a video interview with Information Security Media Group, Dahl and Ebert discuss: + > + > - The evolution of Indicio.tech from the Sovrin Foundation; + > - Key initiatives in implementing and testing decentralized identity; + > - How a decentralized workforce is accelerating the need for identity management. +* [26 Suggested Use Cases of Verifiable Credentials (With Some Real-World Examples)](https://academy.affinidi.com/25-real-world-use-cases-of-verifiable-credentials-4657c9cbc5e) 2021-04-15 Affinidi + > we hope that business leaders, entrepreneurs, and developers will use this article as a guide to create some breakthrough solutions that will benefit the society at large. +* [How Exactly Are Verifiable Credentials Making the World Better?](https://sgershuni.medium.com/how-exactly-are-verifiable-credentials-making-the-world-better-eb72145c061) 2021-01-05 Stepan Gershuni + > 6 stories of how verifiable credentials can improve the lives of every day people: + > + > Ajay is an Uber driver in San Francisco. He wants to try various temporary jobs while he’s studying but joining Lyft, Postmates and other platforms requires going through a long and tedious background verification and car certification process over and over again. +* [5 Promising Use Cases for Verifiable Credentials](https://hackernoon.com/5-promising-use-cases-for-verifiable-credentials-tu1y348k) 2020-12-05 Hackernoon + > several industries are already digging in. Here are some of the most visible and promising use cases. +* [SSI Essentials: 35 use cases of decentralized identities that will make your life easier](https://gataca.io/blog/ssi-essentials-35-use-cases-of-decentralized-identities-that-will-make-your-life-easier) Gataca + +## Use Cases +### Career +* [Coming soon — a resume-validating blockchain network for job seeker](https://www.computerworld.com/article/3675547/coming-soon-a-resume-validating-blockchain-network-for-job-seekers.html#tk.rss_security) 2022-10-05 Computer World + > "Verifying applicant career records can take days, weeks, if not months, to complete," said Dror Gurevich, founder and CEO of the Velocity Network Foundation. "Hiring methods are severely outdated to the point that one in three Americans have [admitted to lying on their resumes](https://t.yesware.com/tt/0db4de0058ee9613cdfcabd5fae96c6ca51e1b7f/275468cd0c53df0b2dfa60dbb913464b/c19e9bd03a563c32bab519acc1fa9f5b/www.resumebuilder.com/1-in-3-americans-admit-to-lying-on-resume/), which slows the hiring process immensely. +* [How Blockchain Technology and Self-Sovereign Identity Enables the New Normal of Remote Learning, Training and Working](https://www.linkedin.com/pulse/how-blockchain-technology-self-sovereign-identity-enables-hossain-) 2022-08-06 Md Sabbir Hossain + > This model lets the identity owner easily organize a unique, verifiable learning path from a wide variety of resources to powerfully prepare for a particular job. Similarly, employers can encourage job candidates to complete recommended learning paths for certain roles, ensuring that they enter the organization with the right skills and verifiable competencies. Or, employers can upskill employees by designing curriculums that draw upon a diverse variety of online courses, university or community college programs, coding academies, or other competency evaluation frameworks. Any course that is completed, a certificate that is earned, or work experience that is gained will produce a verifiable credential that can be shared with any other entity that uses a compatible self-sovereign identity system. +* [Trusted Career Credentials](https://www.linkedin.com/pulse/trusted-career-credentials-dr-gordon-jones/) 2022-02-11 Dr Gordon Jones + > Today, even in this digital world that has expanded over the past two years, the job market still relies on self-reported attributes, records, resumes, and/or LinkedIn profiles, that individuals share with employers or recruiters as the source for applicants and employee data. +* [Blockchain and the Decentralised Workforce](https://workforcefuturist.substack.com/p/blockchain-and-the-decentralised-workforce) 2021-05-01 WorkforceFuturist + > For workers, life-long learning will be a big theme and there will more opportunities to earn and learn. We will ditch the CV/resume and use digital credential wallets, as we will for other personal data e.g. health, financial, identity. There will be greater competition for our time and attention, where work and leisure overlap. +* [Self sovereign career identity](https://diginomica.com/self-sovereign-career-identity-conversation-meg-bear-sap-successfactors) 2020-11-16 Meg Bear Diginomica + > The Velocity piece is a way for me as an individual to own my credentials, to say, these are the things that I know. And these are the things I've done. And if I can own that, I have a lot more interest in it. And I can use it in a lot more interesting ways. In the past, that might have just been something that I built as reputation within a company, I can now make that a more dynamic and portable reputation I can take with me anywhere. + +## e-Commerce +* [The "30TB hard drive" investigation shows the real impact verification could have on #eCommerce](https://twitter.com/TransmuteNews/status/1572692362148847619) 2022-09-22 Transmute + > [Walmart Sells Fake 30TB Hard Drive That’s Actually Two Small SD Cards in a Trench Coat](https://www.vice.com/en/article/akek8e/walmart-30tb-ssd-hard-drive-scam-sd-cards) +* [Growing confidence is programmed in – how self-sovereign digital identities make business relationships easier](https://www.bosch.com/research/blog/economy-of-things/technology/#ssi_) 2021-06-24 Bosch + > Bosch will now also systematically transfer the self-sovereign identity (SSI) principle to the B2B sector – in other words to business relationships between companies. A further step will involve transferring it to secure and trustworthy interactions between machines. +* [Self-Sovereign E-Commerce](https://iiw.idcommons.net/23J/_Self-Sovereign_E-Commerce) 2021-05-07 Doc Searls + > Doc introduced the session with the slide deck [here](https://www.slideshare.net/dsearls/day3iiw-sesion), wearing his hat as a founding member of [Customer Commons](http://customercommons.org), the .org working on the Intention Byway discussed at earlier IIW sessions and described in [this blog](https://customercommons.org/2021/04/27/a-new-way/), posed later. 2021-04-27 + > + > His case is that the incumbent e-commece system hasn’t progressed past its dependence on the cookie, and perhaps never will; and that there is a need to stand up an alternate model, built on asynchronous pub-sub messaging and compute nodes that run apps that don’t have to come from the stores of Apple and Google. + > + > First examples of target areas (where communities are already active) are food distribution in Michigan and real estate in Boston. Hadrian Zbarcea led the discussion of both, using slides from the deck above. + +### Content Attribution +* [Yes, verifiable authentic human content is important.](https://twitter.com/OR13b/status/1573100718164164610) 2022-09-23 Orie Steele +*The [Content Authenticity Initiative](https://contentauthenticity.org/how-it-works) one of Orie’s favoriate Use-cases for VCS* + > I also think cryptography can provide better transparency for synthetic content. It's one of my favorite applications of W3C Verifiable Credentials. +* [Self sovereign online identity is going to be a CRITICAL tool for everyone on the internet.](https://twitter.com/ericxtang/status/1575645620659900417) 2022-09-30 EricTang.eth + > Without it, we will lose trust of any content on the internet due to AI advancement in the next 12-24 months. + > + > This one of the most urgent issues in our society today. +* [Creating trust in assertions, claims and the authenticity of the original content](https://liccium.com/) LICCIUM + > Introducing Liccium Trust Engine – the next generation rights and media asset management for the web3. With Liccium, content creators can digitally sign their original creative works to increase trust in claims and attribution. + +## Events +* [Event tickets as verifiable credentials](https://lissi-id.medium.com/event-tickets-as-verifiable-credentials-31f4a10b28cc) 2022-09-22 Lissi + > This article explains how verifiable credentials can be used to benefit event organizers and visitors alike based on a practical usage of the Lissi team. + +### Notarization +* [Digital Notarization Can Kickstart Digital ID Ecosystems (with Dan Gisolfi)](https://northernblock.io/digital-notarization-can-kickstart-digital-id-ecosystems-with-dan-gisolfi/) 2022-09-08 Northern Block + > - The missing role in the trust triangle: The Examiner. + > - using attestations from multiple issuers helps to create more trust. + > - How Issuance can become a business model for many trusted service providers. + > - Some challenges with the mDL (ISO/IEC 18013) standard. + > - The benefits of using a Microcredentials approach. + +## Energy Systems +* [Digital identities – building block for an automated energy system](https://www.smart-energy.com/digitalisation/digital-identities-building-block-for-an-automated-energy-system/) 2022-09-02 Smart Energy + > New features include credential revocation and expiration, full support for role-authorised issuance, credential issuance based on email verification and asset administration as well as better alignment with the W3C’s Verifiable Credential Standards. +* [Use Case: American Electric Power](https://idramp.com/use-case-american-electric-power/) 2021-05-11 IDRamp + > What kind of strategy will take you to being a next-generation utility company? For AEP Ohio, a large electric utility company based in Columbus, this challenge began with a comprehensive review of their entire ecosystem and which identified their key pain points for innovation. + +## Reputation + +* [Digital Identities Will Change The Nature Of Online Reputation](https://www.forbes.com/sites/alastairjohnson/2022/08/30/digital-identities-will-change-the-nature-of-online-reputation/?sh=bd1f30b584a3) 2022-08-30 Forbes + > This could then act as a form of universal Verifiable Credentials (VCs) that would be acceptable for any platform to confirm who someone is but wouldn’t give access to any information that an individual elected to restrict. As an individual demonstrates experience, earns certifications, or expands their credentials, this digital identity would instantly reflect that, evolving an online reputation. + +## IAM +* [IAM and SSI: A Combined Approach to Digital Identity](https://www.youtube.com/watch?v=tzzg4cbj3mI) 2022-06-16 TOIP + > "Let’s talk about the future of digital identity! Decentralized Identity will empower users to maintain control over their data and allow organizations to reap the benefits of being able to share trusted, verifiable identity data. The coexistence with traditional IAM will bring huge benefits to organizations who adopt." - Gabe Albert + +### As a Service +* [Self-Sovereign Identity as a Service: Architecture in Practice](https://arxiv.org/pdf/2205.08314.pdf) 2022-06-02 Yepeng Ding, Hiroyuki Sato, University of Tokyo + > We propose a practical architecture by elaborating the service concept, SSI, and DLT to implement SSIaaS platforms and SSI services. Besides, we present an architecture for constructing and customizing SSI services with a set of architectural patterns and provide corresponding evaluations. Furthermore, we demonstrate the feasibility of our proposed architecture in practice with Selfid, an SSIaaS platform based on our proposed architecture. +* [Credentials as a Service Providing Self Sovereign Identity as a Cloud Service Using Trusted Execution Environments](https://ieeexplore.ieee.org/document/9610297) 2021-10-04 Hira Siddiqui, Mujtaba Idrees, Ivan Gudymenko, Do Le Quoc, Christof Fetzer + > With increasing digitization, more and more people use their identification credentials for accessing online services; which increases concern for data privacy. To ensure user's privacy, alternate credential management schemes must be adopted. Self-Sovereign Identity (SSI) is a form of credential management where users are in charge of their credentials. Privacy-critical data is stored at the user's end and they can choose to do selective disclosure of minimal required information to access services. Currently, SSI solutions are not being widely adopted by service providers and the ecosystem is fragmented. One of the reasons for the lack of adoption is the need for maintaining private infrastructure for credential issuance, as critical user information is to be handled during credential issuance. To cater to this, we present a solution that enables the service providers to run their credential issuers on public cloud - a so-called Credentials as a Service (CaaS). CaaS issuers run inside Trusted Execution Environments (TEE) enabling credential issuers to ensure user's privacy while enjoying the flexibility of the pay-per-use cloud model. CaaS can pave the way for making SSI credentials ubiquitous in identity management solutions. + +### Account Managment +* [Transferable Accounts Putting Passengers at Risk](https://www.windley.com/archives/2022/06/transferable_accounts_putting_passengers_at_risk.shtml) 2022-06 Phil Windley + > The non-transferability of verifiable credential is one of their super powers. This post examines how that super power can be used to reduce fraud and increase safety in a hired car platform. + +### Security +* [Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”](https://krebsonsecurity.com/2022/03/hackers-gaining-power-of-subpoena-via-fake-emergency-data-requests/) 2022-03 + > If there was a trust framework for police departments and a DID registry for them - the police departments could issue VCs to their officers. + > + > If you want to se how hard this was/would have been to achieve in earlier technology stacks take a look at [conceptual outlines](https://trustmark.gtri.gatech.edu/concept/) from this NSTIC (National Strategies for Trusted Identities in Cyberspace) developing a trust framework for law enforcement federations done by the Georgia Technology Reserach Institute and the [results/learnings.](https://trustmark.gtri.gatech.edu/insights/) +* [Digital IDs under attack: How to tackle the threat?](https://www.helpnetsecurity.com/2022/01/27/ssi-face-presentation-attacks/) 2022-01-27 HelpnetSecurity + > - photo attacks based on the presentation of facial evidence of an image of a face printed or displayed via a device’s screen. + > - video of user replay attack usually consisting of placing the screen of the attacker’s device in front of the camera. + > - 3D mask attacks where 3D masks are crafted to reproduce the real traits of a human face and even include eyes holes to fool the liveliness detection based on eye gaze, blinking and motion. + > - deepfake attacks make use of leveraging software capable to create a synthetic video or image realistically representing someone else. Attackers are suspected to have access to a wide dataset containing images or a video of their target. +* [Beware of Digital ID attacks: your face can be spoofed!](https://www.enisa.europa.eu/news/enisa-news/beware-of-digital-id-attacks-your-face-can-be-spoofed) 2022-01-20 ENISA + > Digital identification is the focus of two new reports by the European Union Agency for Cybersecurity (ENISA): [an analysis of self-sovereign identity](https://www.enisa.europa.eu/publications/digital-identity-leveraging-the-ssi-concept-to-build-trust/@@download/fullReport) (SSI) and a study of major [face presentation attacks](https://www.enisa.europa.eu/publications/remote-identity-proofing-attacks-countermeasures). + +## Workplace +* [Blockchains in HR: Prosoon and Talao go together on SSI and HR credentials](https://medium.com/@talao_io/blockchains-in-hr-prosoon-and-talao-go-together-on-ssi-and-hr-credentials-3b92968011fe) 2022-01-31 Talao + > This partnership will enable the use of Blockchain and Self-Sovereign Identity technologies such as verifiable credentials to enable the support of diplomas and professional certifications in compliance with personal data in a decentralized environment (#web3). + +### Banking +* [Banking’s identity problem](https://www.globalbankingandfinance.com/bankings-identity-problem/) 2021-08-19 Global Banking and Finance + > Banks have sought to overcome some of these challenges with the use of biometrics such as facial recognition and fingerprints.  These are now more commonly used to login to, or unlock devices, and increase usability, but still leave the challenge of proving the authenticity of a document wide open to abuse. +* [Opening the domestic card rails to innovation](https://blog.meeco.me/opening-the-domestic-card-rails-to-innovation/) 2021-07-29 Meeco + > Of the recommendations in the report, Meeco is especially interested in the inclusion of data as the new currency, mobile wallets and digital identity. These map directly to the work Meeco has had the privilege to explore and validate together with eftpos over the past year. This includes a micropayments Proof-of-Technology using Meeco's multipurpose wallet decentralised on Hedera and a pilot that is now underway with eftpos' identity broker solution, connectID, for credentials verification as part of employee onboarding. +* [MemberPass Digital ID can help Reduce Expenses and Build Member Trust](https://www.memberpass.com/2021/06/memberpass-digital-id-can-help-reduce-expenses-and-build-member-trust/) 2021-06 MemberPass + > You can probably use the good news. It’s never been easy to run a credit union, especially when you get whacked from all sides. Regulations change, members always seem to want access to another shiny new technology gadget, and financial fraud continues to be a threat. On top of that, we’ve all had to grapple with the pervasive life-changing effects of the coronavirus pandemic for the past year. +* [Building an SSI Ecosystem: MemberPass and Credit Unions](https://www.windley.com/archives/2021/06/building_an_ssi_ecosystem_memberpass_and_credit_unions.shtml) 2021/06 Phil Windley + > Credit unions and their members face the threat of fraud on all sides. And credit unions employ lots of tools to fight it. But ultimately, the problem comes down to the member and credit union authenticating each other. The problem is that doing this securely annoys people. +* [Video] [New Bank Account Use Case](https://www.youtube.com/watch?v=YRLu4U4hSZ8) 2021-05-25 Trustblock + > As a user, you should be able to open a new bank account online by providing your digital drivers license, digital drivers license assurance/evidence and digital credit report. +* [Julian Wilson: Self-Sovereign Data meets Open Banking](https://mastersofprivacy.com/julian-wilson-self-sovereign-data-meets-open-banking/) 2021-03-03 Masters of Privacy + > Julian Wilson began his career at Apple in the late 80s [...] joined Ecospend in 2019 to build a self-sovereign data service on top of an Open Banking platform. He describes his role as putting an Internet lens onto product design. +* [A banking approach to decentralized identity and building a credential ecosystem - Mike Brown](https://ssimeetup.org/banking-approach-decentralized-identity-building-credential-ecosystem-mike-brown-webinar-20/) 2019-01-29 [presentation](https://www.slideshare.net/SSIMeetup/a-banking-approach-to-decentralized-identity-and-building-a-credential-ecosystem-mike-brown) + > Mike Brown is the Director of Product Innovation with ATB Financial, leading their efforts on blockchain-related technologies. With 5,000 team members serving over 725,000 Albertans for the past 80 years, ATB Financial is Alberta’s largest home grown financial institution. This presentation provides an overview of the work ATB has done to-date through various proof-of-concepts around self-sovereign identity, and their current efforts around developing an ecosystem within Alberta (Canada) around SSI, and more specifically around trusted credentials. + +## Video Distribution +* [Divitel & Ledger Leopard Team Up to Apply Blockchain & Self Sovereign Identity Technology to Video Distribution](https://www.canto.org/blog/divitel-and-ledger-leopard-team-up-to-apply-blockchain-self-sovereign-identity-technology-to-video-distribution/) 2021-06-11 Canto + > ready to market by end of end of 2022 offering increased flexibility, control, ease of use and speed when managing the access of video distribution ecosystem data, independent of the technology used.  Divitel video carrier customers will be offered the option to include this blockchain module on top of their ecosystems. + +## Property Management +* [A brighter future for tenant/landlord relationships](https://domilabs.io/tenant-landlord-relationships/) 2021-05-26 Domi Labs + > it’s hard to keep track since some call, some… email, and still others send you a message on WhatsApp.” Going through all of these disparate messages is its own fulltime job! + > + > That’s why Domi locates all communication about a property in one place, making it easy for tenants and property managers to stay in touch. +* [The Credential Highway - How Self-Sovereign Identity Unlocks Property Rights for the Bottom Billion](https://www.newamerica.org/future-property-rights/reports/ssi-credential-highway/) 2019-05-13 + > Why? Because the pieces of evidence that administrative agencies require to register property — things like a survey plan, a notarized will, or a state-issued identity card — may be inaccessible, or may not represent the reality of rights on the ground. As a result, land administration systems end up excluding billions of people. +* [Report] [The Nail Finds a Hammer: Self-Sovereign Identity, Design Principles, and Property Rights in the Developing World](https://www.newamerica.org/future-property-rights/reports/nail-finds-hammer/) 2018-10-18 New America + > Our interest in identity systems was an inevitable outgrowth of our earlier work on blockchain-based1 land registries.2 Property registries, which at the simplest level are ledgers of who has which rights to which asset, require a very secure and reliable means of identifying both people and properties. In the course of investigating solutions to that problem, we began to appreciate the broader challenges of digital identity and its role in international development. And the more we learned about digital identity, the more convinced we became of the need for self-sovereign identity, or SSI. This model, and the underlying principles of identity which it incorporates, will be described in detail in this paper. + +### Loyalty programs +* [Reimagining Customer Loyalty Programs With Verifiable Credentials: A Pravici Case Study](https://www.evernym.com/blog/customer-loyalty-verifiable-credentials/) 2021-04-15 Evernym + > [Pravici](https://pravici.com/), an Evernym customer and startup based out of Chandler, Arizona, is looking to flip the equation. Their solution, Tokenized Loyalty Points (TLP), uses verifiable credential technology to give individual consumers control over their data, while empowering them to direct how their favorite brands can use this data for loyalty and other campaigns. +* [Check out the latest version of our beta prototype in the Appstore for #verifiablecredentials for #LoyaltyPrograms](https://twitter.com/_XPID_/status/1323371035484250113) 2020-11-03 XPID + > https://apps.apple.com/us/app/id1458328593 When #sovereign #decentralized #identity becomes a reality, your #Loyalty and #loyaltyrewards #Wallet will be on XPID. #SSI diff --git a/_posts/application/2023-06-17-supply-chain.md b/_posts/application/2023-06-17-supply-chain.md new file mode 100644 index 00000000..65e08ca6 --- /dev/null +++ b/_posts/application/2023-06-17-supply-chain.md @@ -0,0 +1,48 @@ +--- +title: Supply Chains and Self Sovereign Identity +description: A highly scalable operating model for digitisation and trust of cross border trade based on verifiable credentials. +excerpt: > + The digital and physical world are merging more than ever before. As the supply chain becomes more ‘phygital,’ innovative ways of sharing data – like using verifiable credentials – are helping to build more trust with data along the supply chain. +layout: single +permalink: application/supply-chain/ +canonical_url: 'https://decentralized-id.com/application/supply-chain/' +categories: ["Application"] +tags: ["Supply Chain","Transmute","GS1","UNECE","SAP","USCBP"] +last_modified_at: 2023-06-18 +--- + +## Main + +* [The Digital Supply Chain of the Future](https://medium.com/transmute-techtalk/the-digital-supply-chain-of-the-future-79e9431aaa0d) 2021-12-09 Nis Jespersen Transmute + > There is no limit to what a DID can identify. The obvious examples are organizations and people, as explained above. They can also represent assets such as shipping containers, seals, boxes, vessels, or locations, and intangible concepts like bookings, agreements, transactions, or documents. +* [The Phygital Future of the Supply Chain](https://nextlevelsupplychainpodwithgs1us.libsyn.com/the-phygital-future-of-the-supply-chain) 2022-09-21 Next Level Supply Chain Podcast with GS1 + > The digital and physical world are merging more than ever before. As the supply chain becomes more ‘phygital,’ innovative ways of sharing data – like using verifiable credentials – are helping to build more trust with data along the supply chain. +* [Visibility 2.0: Creating Digital Consistency in an International Supply Chain](https://nextlevelsupplychainpodwithgs1us.libsyn.com/visibility-20-creating-digital-consistency-in-an-international-supply-chain) 2022-08-10 Next Level Supply + > how can something as complicated as the international supply chain take fundamental trade practices and marry them with innovation so we can move at the speed of digitization? Join us for a mind-blowing discussion with Karyl Fowler, CEO at Transmute +* [eDATA Verifiable Credentials for Cross Border Trade](https://unece.org/sites/default/files/2022-07/WhitePaper_VerifiableCredentials-CBT.pdf) 2022-07 UNECE UN/CEFACT White Paper + > This paper describes a highly scalable operating model for digitisation and trust of cross border trade based on verifiable credentials, linked data, and decentralised identifiers. It provides national regulators with implementation guidance that will facilitate the following outcomes +* [Identity Terms Provide Value along the Supply Chain: How We Know When to Buy the Farm](https://medium.com/@Transmute/identity-terms-provide-value-along-the-supply-chain-how-we-know-when-to-buy-the-farm-738701967e3d) 2022-06-10 Jessica Tacka, Transmute + > Supply chain credentialing in the form of bills of lading, certificates of origin, or letters of credit is used to protect honest parties and their merchandise from being confused with dishonest parties or entities that are engaged in unethical practices, such as environmental destruction, or forced labor. +* [The missing link: digitizing supply chains with portable data](https://medium.com/mavennet/the-missing-link-digitizing-supply-chains-with-portable-data-583b66acc9bc) 2021-05-17 Mavnet + > The traceability vocabulary bridges the gap between existing record-keeping systems and the verifiable exchange of supply chain information across organizations envisioned by proponents of these data portability technologies. +* [How to Prevent Supply Chain Fraud With Blockchain](https://www.dock.io/post/supply-chain-fraud-blockchain) 2023-05-01 Dock + > The global [supply chain management market size](https://www.prnewswire.com/news-releases/supply-chain-management-scm-market-size-worth--19-3-billion-globally-by-2028-at-9-02--cagr-verified-market-research-301540702.html) was valued at USD 10.1 Billion in 2020 and is projected to reach USD 19.3 Billion by 2028. Supply chain is the path for any product such as food, clothes, or appliances to go from where it was a produced, to distributors, procurement officers (quality inspections), and the market. +* [SAP Pharma Solution Supports Supply Chain Compliance](https://insidesap.com.au/sap-pharma-solution-supports-supply-chain-compliance/) 2021-04-06 SAP + > SAP has chosen an open, interoperable technology to validate all stakeholders in the pharma supply chain in order to provide customers with the best solution for compliance under the U.S. Drug Supply Chain Security Act (DSCSA) requirements. The DSCSA also limits stakeholders’ interactions to ATPs. +* [SAP Completes Pharmaceutical Industry Pilot to Improve Supply Chain Authenticity](https://news.sap.com/2021/03/pharmaceutical-supply-chain-industry-pilot/) 2021-03 SAP + > today announced the completion of an industry-wide pilot utilizing self-sovereign identity (SSI) credentials to establish trust in the pharmaceutical supply chain for indirect trade relationships. +* [Identity in the Supply Chain](https://vimeo.com/669713750) 2022-01-25 Vienna Digital Identity #30 + > GS1 is the global association for supply chain identifiers with members across all industry sectors and interacting (unbeknownst) with general consumer on a daily basis. Transmute a foundational member of the DID/VC community and a participant in the US DHS Silicon Valley Innovation Program’s cross-border shipping use case. + > + > - Transmute Deck: [thedinglegroup.com/s/Transmute_Vienna-Digital-ID-Forum-Jan-2022.pdf](https://www.thedinglegroup.com/s/Transmute_Vienna-Digital-ID-Forum-Jan-2022.pdf) + > - GS1 Deck: [thedinglegroup.com/s/2022-01-24_ViennaDigitalIdentityPhilA.pdf](https://www.thedinglegroup.com/s/2022-01-24_ViennaDigitalIdentityPhilA.pdf) +* [CBP: Blockchain for Import Security with Vincent Annunziato](https://www.spreaker.com/user/13158652/ep8-cbp-vincent-annunziato) 2020-11-16 Federal Blockchain News + > He is the Director of Transformation & Innovation Division of the Customs and Border Patrol Office of Trade, talks about shaping blockchain technologies to make imports safer and more secure. CBP's current projects include tracking steel, oil, and natural gas imports from Canada. + +## Literature +* [Blockchain-Based Self-Sovereign Identity Approach for Inter-Organizational Business Processes](https://annals-csis.org/proceedings/2022/pliks/194.pdf) 2022-08-30 Annals + > To address trust and privacy issues in IOBP, this paper presents a Blockchain-based Self-Sovereign Identity (SSI) approach. The SSI concept is combined with a registry proof smart contract to provide an efficient privacy-preserving solution. The proposed approach is applied to the pharmaceutical supply chain case study and implemented on the Ethereum Blockchain +* [Blockchain and SSI Support Quality in Food Supply Chain](https://www.researchgate.net/publication/356608292_Blockchain_and_Self_Sovereign_Identity_to_Support_Quality_in_the_Food_Supply_Chain) 2021-11 Luisanna Cocco, Roberto Tonelli, Michele Marchesi - Università degli studi di Cagliari + > using standards that are WWW Consortium-compatible and the Ethereum Blockchain, ensures eligibility, transparency, and traceability of the certifications along a food supply chain, and could be an innovation model/idea that the companies that adopt the Open Innovation paradigm might want to pursue. +* [Providing Assurance and Scrutability on Shared Data and Machine Learning Models with Verifiable Credentials](https://www.researchgate.net/publication/351575047_Providing_Assurance_and_Scrutability_on_Shared_Data_and_Machine_Learning_Models_with_Verifiable_Credentials) 2021-05 Iain Barclay, Alun Preece, Ian Taylor, Swapna Radha + > This paper introduces a software architecture and implementation of a system based on design patterns from the field of self-sovereign identity. Scientists can issue signed credentials attesting to qualities of their data resources. Data contributions to ML models are recorded in a bill of materials (BOM), which is stored with the model as a verifiable credential. The BOM provides a traceable record of the supply chain for an AI system, which facilitates on-going scrutiny of the qualities of the contributing components. diff --git a/_posts/application/2023-06-18-trending-adoption.md b/_posts/application/2023-06-18-trending-adoption.md new file mode 100644 index 00000000..ae99b579 --- /dev/null +++ b/_posts/application/2023-06-18-trending-adoption.md @@ -0,0 +1,87 @@ +--- +title: Market signals, SSI trending, and the road to mainstream adoption. +description: Verifiable Credentials (VC) was an intriguing standard with some promising potential applications, but wasn't widely known or understood +excerpt: > + Three years and one pandemic later, the demand for cryptographically secure, privacy-respecting and machine-verifiable electronic credentials has grown and, as a result, governments are starting to wake up to VC's potential. +layout: single +permalink: application/trending-adoption/ +canonical_url: 'https://decentralized-id.com/application/trending-adoption/' +categories: ["Application"] +tags: ["Meta"] +last_modified_at: 2023-06-18 +--- + +## SSI Trending + +* [Self-Sovereign Identity](https://explodingtopics.com/topic/self-sovereign-identity) Exploding Topics 2023-06-17 - up 4293% over 5 years. +* [Decentralized Identifiers](https://explodingtopics.com/topic/decentralized-identifier-1) 2023-06-17 ExplodingTopics - up 2200% over 5 years +* [Thoughtworks has graduated Verifiable Credentials into the “Trial" category of their technology radar map](https://www.thoughtworks.com/radar/techniques/verifiable-credentials) 2023-04-26 Thoughtworks Technology Radar + > When we first included it in the Radar three years ago, verifiable credentials (VC) was an intriguing standard with some promising potential applications, but it wasn't widely known or understood outside the community of enthusiasts. This was particularly true when it came to the credential-granting institutions, such as state governments, who would be responsible for implementing the standards. Three years and one pandemic later, the demand for cryptographically secure, privacy-respecting and machine-verifiable electronic credentials has grown and, as a result, governments are starting to wake up to VC's potential. The W3C standard puts credential holders at the center, which is similar to our experience when using physical credentials: users can put their verifiable credentials in their own digital wallets and show them to anyone at any time without the permission of the credentials' issuer. This decentralized approach also helps users to better manage and selectively disclose their own information which greatly improves data privacy protection. +* [New McKinsey Digital Trend](https://www.mckinsey.com/capabilities/mckinsey-digital/our-insights/the-top-trends-in-tech) 2022-08-24 +We went through the paywall so you don’t have to - SSI only mentioned once. From page 99>> +* [EIC2022 Centralized & Decentralized Identity converging](https://www.linkedin.com/pulse/eic2022-centralized-decentralized-identity-converging-kuppinger/) 2022-05-18 Martin Kuppinger + > For me, the most relevant new topic and trend was to finally see the convergence of decentralized identities (DID) and traditional approaches on IAM starting. DID, also referred to as SSI (Self Sovereign Identity) or verifiable credentials, is a concept where the user has a wallet that holds proofs of identities and attributes. This could be an ID proof based on a government-issued ID card. It could be a proof of the employer that the user works in an organization in a certain role. It can be other proofs such as the drivers license, health cards, self-issued proofs, etc. +* [Digital identity market revenues to reach US$53bn in 2026](https://www.nfcw.com/2022/01/31/375825/digital-identity-market-revenues-to-reach-us53bn-in-2026/) 2022-01-31 NFCW + > Juniper’s Digital Identity: Key Opportunities, Regulatory Landscape & Market Forecasts 2022-2026 report also identifies multimodal biometric authentication, digital onboarding — including single sign-on solutions and self-sovereign identity — as “growing trends” across the digital identity market. +* [Digital Identity Trends and Predictions for 2022](https://www.signicat.com/blog/2022-trends-and-predictions) 2022-01-14 Signicat + > What will be the buzzwords of 2022? + > - Identity wallet + > - Decentralized identity + > - Web 3.0 + > - Passwordless +* [Webinar Recording – 2021 Redux/2022 Trends To Watch](https://www.continuumloop.com/webinar-recording-2021-redux-2022-trends-to-watch/) 2022-01-24 Continuum Loop [Video](https://youtu.be/L-sdGA8h5-g) [Presentation](http://www.continuumloop.com/wp-content/uploads/2021/12/webinar-13JAN2021-2021Review-2022Trends.png) + > Darrell talked about his top 5 stories from 2021: + > - Good Health Pass + > - [Interoperability Blueprint](https://trustoverip.org/wp-content/uploads/2021/08/GHP_Interoperability_Blueprint.pdf) + > - SSI Book + > - [Self-Sovereign Identity](https://www.manning.com/books/self-sovereign-identity) – Decentralized Digital ID and Verifiable Credentials + > - [The Current and Future State of Digital Wallets](https://thewalletwars.s3.amazonaws.com/The-Current-and-Future-State-of-Digital-Wallets-v1.0-FINAL.pdf) + > - Governments slinging code + > - Data Sovereignty: [UK](https://youtu.be/L-sdGA8h5-g?t=832) & [Canadian](https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/cloud-services/gc-white-paper-data-sovereignty-public-cloud.html#toc6) governments have great policy pieces issued by respective governments on why open source helps and the concept of SSI. + > - [Evernym Acquisition](https://www.prnewswire.com/news-releases/avast-to-acquire-evernym-301440885.html) + > - [cheqd launch](https://cheqd.io/blog/cheqd-launches-mainnet-network/) +* [Top 5 digital identity trends injecting trust back into governance](https://www.openaccessgovernment.org/digital-identity-trends/125013/) 2021-11-29 Open Access Government + > As early SSI use cases develop and legal and political institutions evolve, the reality of impactful, integrated SSI systems becomes more tangible. Such use cases include privacy-preserving vaccination certificates, digital identity wallets, and decentralised data verification and certification services that streamline processes like visa applications and workplace credential checks. +* [How Verifiable Credentials Can Rebuild Trust On The Internet](https://www.forbes.com/sites/forbestechcouncil/2020/12/18/how-verifiable-credentials-can-rebuild-trust-on-the-internet/) 2020-12-18 Forbes + > Berners-Lee recently suggested that the web needs a midcourse correction. Part of that change involves making systems accountable and making it easy for users to find where information comes from. Verifiable credentials promise major strides in that direction. +* [Thoughtworks put Decentralized Identity into the "Assess" category of their technology radar map](http://web.archive.org/web/20201120201821/https://www.thoughtworks.com/radar/techniques?blipid=202005083) 2020-05-19 Thoughtworks Technology Radar + > Adopting and implementing decentralized identity is gaining momentum and becoming attainable. We see its adoption in privacy-respecting customer health applications, government healthcare infrastructure and corporate legal identity. +* [Self Sovereign Identity - A glossary of distributed technologies](https://policyreview.info/open-abstracts/self-sovereign-identity) 2020-05-18 Policy Review + > Released by the Internet Policy Review Journal on Internet Regulations received an entry on Self-Sovereign Identity By Alexandra Giannopoulou & Fennie Wang + +## Market Signals +* [Decentralized Identity Market Signals](https://indicio.tech/decentralized-identity-market-signals/) 2022-05-25 Tim Spring Indicio + > In this rapid fire review we will take a look at, and break down, the biggest recent stories in digital identity and what they could mean for business and the average person using the internet. +* [The Market Opportunity for Reusable Identity and How to Get There](https://liminal.co/reports/market-opportunity-for-reusable-identity/) 2022-02-03 Liminal + > The Total Addressable Market is $32.8B in 2022, to reach $266.5B by 2027, with a CAGR of 68.9%. Today, the market is still nascent but is posed for strong growth. +* [Institutions digitising credentials, but blockchain use remains low](https://thepienews.com/news/digitising-credentials-blockchain-use/) 2021-05-17 The Pie News [Research](https://www.aacrao.org/research-publications/aacrao-research/meeting-the-moment-transforming-the-digital-credentials-space) + > While some educational institutions have shifted to issuing EDX, digitally signed PDFs or blockchain verifiable credentials, reliance on paper-based credentials is still widespread. While both paper and even digitally signed PDF credentialing solutions have worked well enough, there are still unaddressed challenges facing students, employers, and other educational stakeholders in a global learning and employment marketplace. + +## On Adoption +* [Decentralized Identity: Keys to Mainstream Adoption](https://trustoverip.org/blog/2022/05/27/decentralized-identity-keys-to-mainstream-adoption/) 2022-05-27 Trust Over IP + When it comes to decentralized identity solutions, many business sponsors do not yet understand how DCI can provide practical answers to immediate frontline business problems. This climate creates the impression that decentralized identity is interesting but not ready for prime time adoption. +* [I had a stab at why Cardspace failed, in](https://twitter.com/Steve_Lockstep/status/1517861150129795072) 2022-04-23 Steve Lockstep + > “[Identities Evolve: Why Federated Identity is Easier Said than Done](https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2163241) + > + > Why does digital identity turn out to be such a hard problem? People are social animals with deep seated intuitions and conventions around identity, but exercising our identities online has been hugely problematic. +* [IIW33 Session: Crossing the chasm ➔ Mass market adoption of SSI and VC](https://www.youtube.com/watch?v=AhXB9Kzzklg) 2021-10-16 IAMX [Session Notes](https://iiw.idcommons.net/13B/_Crossing_the_chasm_-_mass_market_adoption_of_SSI_and_VC._What_is_needed_to_make_triangle_of_trust_work%3F) + > 1. How to ➡ enable mass market adoption of SSI and VC? + > 2. Is the preservation of human rights the correct design-principle? + > 3. What is needed to make triangle of trust work? + > a) How to design verifiable credentials ZKP and GDPR conform? + > b) How to onboard verifiable credentials? + > c) What are the use cases? +* [Nice overview, somewhat questionable assumptions](https://twitter.com/UbikomProject/status/1405945396208209932) 2021-06-18 UbikomProject + * [To Succeed In Decentralizing Digital Identity, Focus On Relationships First](https://www.forbes.com/sites/forbestechcouncil/2021/06/16/to-succeed-in-decentralizing-digital-identity-focus-on-relationships-first/?sh=6f133ef11824) 2021-06-16 Forbes + > when it comes to consumers of services, we need to think about identity in terms of building and maintaining trusted digital relationships. With adtech cookies in the regulatory crosshairs, and our research finding that 70% of consumers prefer apps that won't sell their personally identifiable information, we can't afford to think in terms of one-time purchases or disappointing experiences. Many consumers need to manage person-to-person and person-to-device relationships, too. We're not alone in this connected world. +* [Why self-sovereign identity will get adopted (and it’s not the reason you probably want)](https://www.tuesdaynight.org/2018/06/15/why-self-sovereign-identity-will-get-adopted-and-its-not-the-reason-you-probably-want/) 2018-06-15 Tuesday Night + > In the payment card world, there are clear guidelines on personal liability. $50 if you use credit and up to $500 for debit depending on when you report the issue. Based on that, different people choose to use different “systems.” + > + > However, no such guidelines exist for the use of identity information (e.g. attributes.) +* [OWI Digital Forum Recap: The Rise & Adoption of Verifiable Credentials](https://trinsic.id/owi-digital-forum-recap-the-rise-adoption-of-verifiable-credentials/) 2021-05-21 Trinsic + > Riley went on to more specifically address where verifiable credentials are at in terms of adoption. About a year and a half ago, there was essentially zero real-world adoption. Today, there’s between 100,000-300,000 verifiable credentials being used by real end users. In the last 18 months, demand has skyrocketed and there have been strong adoption signals, but the adoption of verifiable credentials is still very early. +* [Some early thinking about where #SSI is under @swardley model of Genesis -> Custom -> Product -> Utility.](https://twitter.com/darrello/status/1371457759779110912) 2021-05-15 Darrell O'Donnell + > We've come a long way, but we are still in the earliest of stages. + > ![](https://pbs.twimg.com/media/EwhlfT-XEAE672y?format=jpg&name=large) +* [4 Keys to Self-sovereign Identity Adoption](https://medium.com/trinsic/4-keys-to-self-sovereign-identity-adoption-ad269b208569) 2021-01-19 Trinsic + > Many implementers won’t realize the potential of SSI until it’s deployed at scale, but in order to get to scale, we need implementers to realize value. It’s the classic chicken & egg problem. diff --git a/unsorted/dpki.md b/unsorted/dpki.md new file mode 100644 index 00000000..781f1252 --- /dev/null +++ b/unsorted/dpki.md @@ -0,0 +1,12 @@ +--- +published: false +--- + +## Decentralized Public Key Infrastructure DPKI +* RWoT—[Decentralized Public Key Infrastructure](https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust/blob/master/final-documents/dpki.pdf) +* [SCPKI: A Smart Contract-based PKI and Identity System](http://www0.cs.ucl.ac.uk/staff/M.AlBassam/publications/scpki-bcc17.pdf) +* [KeyChains: A Decentralized Public-Key Infrastructure](https://drum.lib.umd.edu/bitstream/handle/1903/3332/0.pdf?sequence=1&isAllowed=y) +* [ClaimChain: Decentralized Public Key Infrastructure](https://www.researchgate.net/publication/318584251_ClaimChain_Decentralized_Public_Key_Infrastructure) +* [A Decentralized Public Key Infrastructure with Identity Retention](https://eprint.iacr.org/2014/803.pdf) +* [Privacy based decentralized Public Key Infrastructure (PKI) implementation using Smart contract in Blockchain](https://isrdc.iitb.ac.in/blockchain/workshops/2017-iitb/papers/paper-11%20-%20Decentralized%20PKI%20in%20blockchain%20and%20Smart%20contract.pdf) + diff --git a/unsorted/guardianship.md b/unsorted/guardianship.md new file mode 100644 index 00000000..0221223f --- /dev/null +++ b/unsorted/guardianship.md @@ -0,0 +1,213 @@ +--- +published: false +--- + +# Guardianship +* [Guardianship In Self-Sovereign Identity](http://thedinglegroup.com/blog/2020/11/30/guardianship-in-self-sovereign-identity) 2020-11-30 + +* [Video] [Vienna Digital Identity Meetup #17](https://vimeo.com/482803989) + > Guardianship is a complex topic, with many subtleties and layers [...]  In this first event on this topic, Philippe has provided an overview of how SSI and Guardianship fit together and how SSI meets the lifecycle stages (Inception, Creation, Usage and Termination) of guardianship. +* [The Sovrin Working Group Tech Requirements and Implementation Guidelines](https://docs.google.com/presentation/d/1aGTPmlno3WScpSYMs1HLhWsrVRx9B-I0yhOQsRgmqRw/edit?usp=sharing) John Phillips, Jo Spenser + > Sovrin is looking to promote the governance process and where guardianship fits in.  The IdRamp wallet is an example of how the wallet could provide helpful features. +* [A Deeper Understanding of Implementing Guardianship](https://sovrinid.medium.com/a-deeper-understanding-of-implementing-guardianship-9a8ab749db90) + +* [A Deeper Understanding of Implementing Guardianship](https://sovrinid.medium.com/a-deeper-understanding-of-implementing-guardianship-9a8ab749db90): Two new Guardianship papers from Sovrin at IIW #32 + > The first paper is called the [Guardianship Credentials Implementation Guidelines](https://drive.google.com/file/d/1vBePVx8n3MRDWcePkwVDya9ab4BHEyU_/view?usp=sharing) and its purpose is to provide readers with the background they need to implement IT systems that support various kinds of guardianship. The second paper is called [Guardianship Credentials Technical Requirements](https://drive.google.com/file/d/1M21PznPAd0H6z1t4ODl-jiEoXZjEhwcb/view?usp=sharing) which was developed by the technical requirements working group within the SGWG. The purpose of this document is twofold: i) provide principles under which guardianship scenario designs and requirements are considered and defined; and ii) provide technical requirements for SSI solutions that offer the capability of guardianship. + +* [Internet Governance - UDDI - Universal Declaration of Digital Identity](https://iiw.idcommons.net/10I/_Internet_Governance_-_UDDI_-_Universal_Declaration_of_Digital_Identity) by Jeff Aresty, Kristina Yasuda + +Internet governance, human rights, digital identity, Identity for All, Guardianship + +* [Guardianship Showcase - The Sovrin Working Group Tech Requirements and Implementation Guidelines](https://iiw.idcommons.net/4G/_Guardianship_Showcase_-_The_Sovrin_Working_Group_Tech_Requirements_and_Implementation_Guidelines) by John Phillips, Jo Spenser + +* [Guardianship, SSI, and the Sovrin Guardianship WG - Update for IIW #32](https://docs.google.com/presentation/d/1aGTPmlno3WScpSYMs1HLhWsrVRx9B-I0yhOQsRgmqRw/edit?usp=sharing) + +1. Jurisdictions are essential [to Guardianship] +2. Work with existing laws +3. Build Guardianship on Verifiable Credentials +4. Build a mental model +5. Don’t build Guardianship [solely] on wallets + +Sovrin is looking to promote the governance process and where guardianship fits in.  The IdRamp wallet is an example of how the wallet could provide helpful features. + +- Universal Wallet: [https://w3c-ccg.github.io/universal-wallet-interop-spec/](https://w3c-ccg.github.io/universal-wallet-interop-spec/) +- Review/contribute to the draft spec (or portions you’re interested in): [https://docs.google.com/document/d/1vPqb4bJ6pfuAPYF_fMW_Lb-7GZugasWKfrSCotpuv6o/edit#](https://docs.google.com/document/d/1vPqb4bJ6pfuAPYF_fMW_Lb-7GZugasWKfrSCotpuv6o/edit#) +- Verifiable Credentials for Education Task Force: [https://w3c-ccg.github.io/vc-ed/](https://w3c-ccg.github.io/vc-ed/) + +* [Agency By Design (Privacy is not Enough)](https://iiw.idcommons.net/20B/_Agency_By_Design_(Privacy_is_not_Enough)) by Adrian Gropper + +Agency vs. Delegation + +Learning Stack: + +- Me +- My Agent / Fiduciary / semi-autonomous +- Community +- Vendors and Institutions + +Relationship with companies + +- Dashboard for our lives +- Portable shopping cart + +CAPCHAS + +- Browser is not enough +- Force APIs +- GNAP +- API in healthcare + +How would an API World function + +- Intelligence +- Choice + +The GNAP at  the IETF: [https://tools.ietf.org/html/draft-ietf-gnap-core-protocol-04](https://tools.ietf.org/html/draft-ietf-gnap-core-protocol-04) + +Is server a bad concept + +- Ethereum as the ultimate server + +Clear application? Needed a model how a real human uses / not the tech / highly motivated + +Social Context is important to the average user + +The back end is most important + +Real estate “agents” vs. DSIY - Zillow - the GNAP RFC at the IETF: [https://tools.ietf.org/html/draft-ietf-gnap-core-protocol-04](https://tools.ietf.org/html/draft-ietf-gnap-core-protocol-04) + +* [...] + +HTML and JSON / OAuth 2.0 Token Exchange - support for delegation semantics ( [https://tools.ietf.org/html/rfc8693](https://tools.ietf.org/html/rfc8693)  ) + +A password manager that puts the user in full control.  [https://sitepassword.alanhkarp.com/](https://sitepassword.alanhkarp.com/) + +* [...] + +Agency by Design (Privacy is not Enough) + +Adrian Gropper: + +I’m not a fan of Privacy by Design. + +In the industry are only concerned about compliance, very rarely talk about Human Agency + +Privacy by Default is the opposite in some sense to privacy by design + +The problem is that It conflict with community in many cases. (e.g. social credit score) + +Cultural differences (EU accepts better centralization than US) + +Delegation and agency are one the same thing + +Agency is a much bigger thing and delegation is a mechanism that supports it + +I want my fiduciaries to know as much as possible of me (e.g. my doctor, my lawyer) + +Model Agency as hierarchy and delegation is the mean to have it. + +* [...] + +* [Why you know less about Guardianship than you think (because we ALL know less about Guardianship than we think)](https://iiw.idcommons.net/20L/_Why_you_know_less_about_Guardianship_than_you_think_(because_we_ALL_know_less_about_Guardianship_than_we_think)) by Jo Spencer, John Phillips, Sterre den Breeijen + +Link to the deck we’ll use to start the conversation: [https://docs.google.com/presentation/d/1aGTPmlno3WScpSYMs1HLhWsrVRx9B-I0yhOQsRgmqRw/edit?usp=sharing](https://docs.google.com/presentation/d/1aGTPmlno3WScpSYMs1HLhWsrVRx9B-I0yhOQsRgmqRw/edit?usp=sharing) + +Do we need to get more people interested in the “real life” application of + +Four groups of people at IIW conferences? + +- Technologists +- Idealists +- Pragmatists +- Entrepreneurs +1. In 2019 the Sovrin Foundation published a whitepaper on Guardianship; transitioned into the Working Group +2. APAC and NA/EMEA WG meetings +3. 2 key documents from the WG are going to be published by Sovrin Foundation - [https://sovrin.org/a-deeper-understanding-of-implementing-guardianship/](https://sovrin.org/a-deeper-understanding-of-implementing-guardianship/) +4. Implementation guidelines +5. Technical requirements +6. Why are we looking at Guardianship and SSI? +7. Guardianship is a part of life - we are rarely fully self-sovereign or independent +8. Guardianship is not a part of SSI at this moment - is a missing ingredient in our digital lives +9. The group thought guardianship was a simple concept +10. Small set of SSI building blocks … +11. Gap between use cases and requirements was too broad (see slides) +12. A mental model for guardianship was required (see IIW30 and IIW31 for further context) +13. ‘Squiggle’ - the journey +14. 5 things the team worked out +15. Jurisdictions are essential (gives meaning to the guardianship relation) +16. Should work with existing laws +17. Guardianship can be built on verifiable credentials +18. Build a mental model (and test it) - 15 functional requirements, 6 technical requirements, 3 validator requirements +19. Don’t build guardianship solely on wallets (mitigate the risk of wallet takeover and impersonation) +20. Transparent vs Opaque guardianship scenario +21. 5 things to consider +22. Should discovery be enabled +23. Ensuring appropriate representation +24. Receiving parties are key +25. Balancing agency, dignity and care +26. Transitions : recovery, expiry and ends +27. Alignment with SSI and ToIP +28. Guardianship creates a tension between independence and dependence +29. An obvious relationship with the ToIP (the ToIP model/diagram) +30. Mapping concepts of Guardianship with the Trust Triangle diagram + + --- + +31. Parties, Actors and Action pattern +32. [https://essif-lab.pages.grnet.gr/framework/docs/notations-and-conventions](https://essif-lab.pages.grnet.gr/framework/docs/notations-and-conventions) +33. [https://www.researchgate.net/publication/348325716_Decentralized_SSI_Governance_the_missing_link_in_automating_business_decisions](https://www.researchgate.net/publication/348325716_Decentralized_SSI_Governance_the_missing_link_in_automating_business_decisions) + +* [What if the Credential Subject cannot be the Holder?](https://iiw.idcommons.net/20H/_What_if_the_Credential_Subject_cannot_be_the_Holder%3F) by Sam Curren + +Quick intro outline: [https://hackmd.io/HhLGtxBPSeGpxtp30S5tOg](https://hackmd.io/HhLGtxBPSeGpxtp30S5tOg) + +Where is the line at the limits of what a holder can hold? + +How is user consent managed? + +What are the protocols like? + +How does this tie into OAuth, GNAP, etc? + +How does this relate to DIDComm Credential Exchange Protocols and Secure Data Stores? + +It’s possible that the intent of the law is not being met, if a provider refuses to share data on behalf of a user. + +OpenID has a function for distributed claims that provide a URI and an access token for retrieval. + +JWTs have AZP - The authorized presenter of a credential. The issuer may be the authorized presenter. + +If the issuer wants to use existing protocols, a credential can be issued which functions as a ‘shadow’ of the main credential. Presenting the shadow credential provides consent for the verifier to ask for a presentation of the main credential from the issuer. + +* [Identity Escrow - Accountability AND Privacy](https://iiw.idcommons.net/11I/_Identity_Escrow_-_Accountability_AND_Privacy) by Sam Curren, Ken Ebert, Suresh Batchu, Kiran Addepalli + +1. Can the escrow hold the "Proof of the information" as opposed to the information itself. +2. Mortgage Service - might seem to be an authorization to access the data directly or the issuer present directly. +3. What gets put into escrow is flexible. +4. Trigger event or a lockbox kind of capability. How is the claim released to relying parties? How does it eliminate mischief and false claims. +5. There needs to be some accountability on the service provider to claim false releases. Automation may not be able to completely eliminate false triggers, some level of human intervention for complex cases. +6. Contractual wrapper for +7. Technical and legal framework for accountability. +8. Don’t have data but key to unlock the escrow. So that no insider can unlock the data. Separating the data release from the encryption release would be better. +9. It is better to hold proof of data. Because of the risk and liability, it can create incentives to escrow providers. +10. We should chat about the CDDE (Community Distributed Data Escrow) that we have developed with UN, WEF, NYU Gov lab for data handling in disaster settings. Very related to this. Blind trust, etc. for self shielding. + +* [...] + +Links that came up during the call: + +- [https://onlinelibrary.wiley.com/doi/abs/10.1111/j.1430-9134.2001.00173.x](https://onlinelibrary.wiley.com/doi/abs/10.1111/j.1430-9134.2001.00173.x) +- [https://dhh1128.github.io/zkpcreds/trust-paradox-rebuttal.html](https://dhh1128.github.io/zkpcreds/trust-paradox-rebuttal.html) +- Feedback loop into privacy law: [https://kantarainitiative.org/confluence/display/WA/Privacy+as+Expected%3A+UI+Signalling+a+Consent+Gateway+For+Human+Consent](https://kantarainitiative.org/confluence/display/WA/Privacy+as+Expected%3A+UI+Signalling+a+Consent+Gateway+For+Human+Consent) + +* [https://link.springer.com/chapter/10.1007/978-3-540-45146-4_8](https://link.springer.com/chapter/10.1007/978-3-540-45146-4_8) + +* [Let’s Go - Together!: Does international travel only ever involve independent adults?](https://trustoverip.org/blog/2021/11/24/lets-go-together/) ToIP 2021-11-24 + +Applying the developed models of guardianship, using the flexibility of Verifiable Credentials and the trusted mechanisms of sharing VCs, can provide the ability to add guardianship credentials into the travel process (or not) without breaking the existing approach and complicating the technical details defined in the Blueprint. + +* [Delegatable Credentials Now Available](https://blog.dock.io/delegatable-credentials-now-available/) + > An issuer may [grant delegation authority to another issuer](https://docknetwork.github.io/sdk/tutorials/concepts_private_delegation.html) simply by issuing them a vcdm credential. Let's say did:ex:a wants to grant delegation authority to did:ex:b. did:ex:a simply issues the credential saying that did:ex:b may make any claim. +* [Common Delegation Patterns in the Verifiable Credential Ecosystem](https://kyledenhartog.com/delegation-in-verifiable-credentials/) Kyle Den Hartog + +did you know that there are three ways in which you can utilize VCs and DIDs to enable delegation [...] look to the [ZCAP-LD data model](https://w3c-ccg.github.io/zcap-ld/) which is designed especially for these concepts. And if you’re still confused and would like some help please reach out and I can see how I can help. diff --git a/unsorted/later/companies/README.md b/unsorted/later/companies/README.md index 6168412c..fc188628 100644 --- a/unsorted/later/companies/README.md +++ b/unsorted/later/companies/README.md @@ -45,7 +45,7 @@ Amazon customers will first need to register their palm(s) using a scanner at th >The World Bank estimates over 1 billion persons, usually the most vulnerable, are without formal identity. ## Indicio -* [Anonyome Labs Joins the Indicio MainNet](https://anonyome.com/2021/05/anonyome-labs-joins-the-indicio-mainnet/) +* [Anonyome Labs Joins the Indicio MainNet](https://anonyome.com/2021/05/anonyome-labs-joins-the-indicio-mainnet/) 2021-05-26 Anonyome > Here, we go through how we went about standing up our Indico node. In brief: > - The Indicio MainNet is an enterprise-grade ledger for use by decentralized identity applications. > - We brought up the node using AWS Elastic Cloud Computing (EC2) instances within a Virtual Private Cloud (VPC).