decentralized-id.github.io/_posts/identosphere-dump/educational-resources/explainer.md
⧉ infominer 761b3a88be mdc
2022-11-26 00:33:06 -05:00

129 KiB
Raw Blame History

published
false

Explainer

  • The Architecture of Identity Systems by Phil Windley

    I recently read a paper from Sam Smith, Key Event Receipt Infrastructure, that provided inspiration for a way to think about and classify identity systems. In particular his terminology was helpful to me. This blog post uses terminology and ideas from Sam's paper to classify and analyze three different identity system architectures. I hope it provides a useful model for thinking about identity online.

  • The SSO Practitioners Introduction to Decentralized Identity Written for IAM professionals familiar with federations.

    In most self-sovereign and decentralized identity systems the trust model is fundamentally unidirectional, where a verifier will trust the issuer, but the issuer may have no knowledge of the verifier.

  • Relationships and Identity, We build digital identity systems to create and manage relationships—not identities.
  • The Architecture of Identity Systems

    We can broadly classify identity systems into one of three types based on their architectures and primary root of trust:

    • Administrative
    • Algorithmic
    • Autonomic
  • Authentic Digital Relationships,

    Self-sovereign identity, supported by a heterarchical identity metasystem, creates a firm foundation for rich digital relationships that allow people to be digitally embodied so they can act online as autonomous agents.

  • Do we really need (or want) the State to provide us with digital identification?

    Just as the State still manages our “analog” identities, the online giants have vast power to manage the online data and identity of their users. Internet users are now both consumer and product: by using free online services, users feed companies with data, which those companies in turn process and monetize.

  • How Decentralized Identifiers Will Shape the Future of Identity HackerNoon

    Hackers value personal information the most. 96% of hacking groups primary motive is intelligence gathering. Researchers at privacy website PrivacyAffairs.com found that you can obtain a person's full identity for the low price of $1,275.

  • Self Sovereign Identity — explained Micha Roon

    It would be great indeed if digital interactions became even more trustworthy without the need to present our data on a silver platter to large Internet corporations

  • Self-Sovereign vs Administrative Identity Doc Searls 2012

    The problem Im trying to surface here is that we need full respect for self-sovereign identities, and identifiers, before we can solve the problem of highly fractured and incompatible administrative identifiers — a problem that has only become worse with the growth of the Web, where by design we are always the submissive and dependent party: calves to administrative cows.

  • @lissi_id and the three-sided credentials market

    When a user holds his:her own credentials locally on the phone, it creates a three-sided market, which puts the holder of the credential in the position of a carrier between issuer and verifiers.

Why portable security is the sleeper — but killer — feature for SSI

whats cool about DIDs (besides their self-service creation) is that their metadata is cryptographically verifiable. That means that anyone in the world can tell whether the metadata is legit, in the blink of an eye, just by asking software to check some math. And it also means that you can build a transport-independent, tamper-proof, encrypted communication channel with whoever controls a DID.

  • Identity Credential and Personal Data Ownership Perspectives Research from OIX

    Many global organisations are using their citizens identity and their other personally identifiable information (PII) to help combat the global Covid-19 crisis  […] reignited the debate around protecting public safety vs protecting privacy:  how to combat the contagious threat whilst preserving citizens digital identity, security and anonymity?

  • The Mental Models of Identity Enabled by SSI Adrian Doerk The Models: Space Time • Presentation • Attribute • Relationship • Capability
  • Adrian Doerk writes

    The post details 5 components necessary for the advance of SSI: Business, Technology, User Experience, Compliance, and Governance.

  • Why is SSI becoming a necessity and what potential it holds?

    Problem 1: CENTRAL AUTHORITY CONTROLS ALL DATA
    Problem 2: NUMEROUS SIGNUPS WITH SAME DATA
    Problem 3: INCONVENIENCE OF ONLINE FORMS

  • Digging Deeper into Self-sovereign Identity and Access Management Energy Web Foundation

    What wed like to highlight in this simplified process is the fact that it is the user who stores the claim and anchors it on chain. Also, because it is a private claim, the contents are provable but not disclosed. The user can therefore prove that they have been granted a certain privilege, but unless they elect to disclose this information, it is impossible for a third party to find out.

  • The Implications of Bring Your Own Identity Identity Defined Security Alliance

    My short stint as “Mark Jannell" taught me a lot of about trust and ease of use in a bring your own identity model. Trust, as always in security, is essential to this new class of relationships and must be established and then protected from abuse. Ease of use, it turns out, is a key factor in protecting that trust and promoting the adoption of good identity patterns. Im sure that I could have learned these lessons in some other way, but Ill never forget my half year answering to a pseudonym.

  • Blockchain is the Least Interesting Thing About Self-sovereign Identity Riley Huges

    as useful as blockchain is for SSI, its nowhere near as interesting as:

    • The impact on the internet
    • The benefits of technical standards
    • The economic opportunity for early innovators
  • Decentralized identity discussed: An INATBA roundtable round-up

We pointed to this before it happened. It was great. Here is a round up from Jolocom. It is highly recommended.

The paper Decentralised Identity: Whats at Stake?. Answering the papers core question of whats at stake, it gives three essential scenarios:

  1. Ideal full convergence of SSI technology with interoperability by default.
  2. Functional partial convergence resulting in detached ecosystems.
  3. Dysfunctional no convergence and isolated, locked-in ecosystems.
  • Who Controls Your Digital Identity? SAP

    SSI will have to be integrated with large existing business processes and therefore enterprise systems such as ERPs, HCMs, or SCMs to name a few. If this integration results in SSI being as easy to use as clicking a button or selecting a menu item, it will lead to rapid uptake and acceptance.

  • The 5Ps of a Self-Sovereign Identity

    A self-sovereign identity can be defined by the 5Ps as it is personal (it is about you), portable (meaning you can take your identity and data from one platform to another), private (you control your identity and data), persistent (it does not change without your consent) and protected (they cannot steal your identity).

  • Benefits of SSI and Blockchain in Digital Identity

    The needs and experiences of citizens are established with how digital identity networks should preserve the freedoms and rights of users over the needs of the network. Transparency is explicitly mentioned as part of SSI, and it places a high emphasis on the importance of the publics trust.

    As we look to the future of digital identity, SSI principles with blockchain have already proven to be successful by bringing together stakeholders to create a mutually beneficial network.

  • Decentralized Digital IDs: What it means for people, big tech, and the public sector

Irene Adamski, Blockchain Expert at German Blockchain Association and Bundesblock, on Self-Sovereign Identity

An answer to these challenges is an ecosystem in which digital identity data can be exchanged in a way that is secure, reliable, scalable and convenient. This will have a positive impact on the economic future of Germany and Europe while at the same time enhancing the private sphere of the individual.

DIDs are about building lasting private and secure digital relationships with customers, and as well see with each of the Deadly Sins, about reducing costs, increasing compliance and enabling truly personalized products and services without being creepy.

Links:

Identifiers, DID, ion

  • Decentralization of did:ion if anchoring transactions are batched by an operator: its possible to choose the operator or to incur the cost of anchoring the transactions. Furthermore, the operator doesnt gain access to the private key.
  • ION delivers: massive scale, cost efficiency (despite running on the bitcoin network - best case if bitcoin a transaction costs 100 USD one action costs 1 cent), decentralized & flexible, decentralized registries
  • ION has a type system so that DIDs can be used, e.g. for software packages, vehicles, … This makes it possible to make the centralized data repositories that we rely on today, npm registries etc., to be fully decentralized. This is a Sidetree feature that is currently only used by ION.
  • DIF is currently working on personal data stores. Expected impact on private messaging, social media, gig services, ..
  • ION is live and in production today
  • Ion-tools is a selection of tools to interact with the ION network: https://github.com/decentralized-identity/ion-tools
  • Resilience of ION: Its pointed out that not only Bitcoin needs to survive attacks but also the IPFS network as both are required for ION to work properly. With Bitcoin it looks unlikely that its currently possible to reverse transactions on the network. However, with IPFS data can be unpinned and potentially disappear from the network.

My Research Question and Goals

As today a revocation method based on accumulators is not implemented on a large scale identity system. The overall question is:

“How can current accumulator schemes support revocation of verifiable credentials for large scale production systems regarding performance, usability and privacy?”

Ning Hu, CTO of Ontology, spoke at a panel titled “The State of Decentralized Identity Solutions” in association with The Block, [...] accompanied by experts in the field of digital identity, Daniel Buchner, Senior PM of Decentralized Identity at Microsoft, and Tobias Fox, Co-founder of Serto. The discussion delved into how digital identity applies to everything from financial services to upskilling workforces, and how blockchain infrastructure can be utilized to lay the trust framework for decentralized identity solutions.

Dr. Andre Kudra of esatus.com discusses SSI, or Self-Sovereign Identity. It's a hot and fast-moving topic with a growing base of hackers, companies, nonprofits, and whole states, provinces and countries. Aaron Newcomb and Doc Searls probe Andre for lots of great intelligence about how SSI puts individuals in full charge of how they present minimized ID credentials safely, and inside a whole new framework. They also talk with Andre about his involvement with the demoscene and retro computing, which are especially huge in Europe. It's a great discussion on this episode of FLOSS Weekly.

OmniOne comes from the willingness to help transition from a service-centric identity to the self-sovereign identity paradigm, empowering anyone to control their identity in a highly secure manner while providing mutual benefits to the participants of its ecosystem.

"A silent war is ongoing between users and companies over the control of data."

1 Privacy or convenience is a question

2 SSI is the answer to this question

In chaotic systems such as those that the discipline of physics seeks to describe, there is also the concept of the “self-organizing principle,” which dictates a tendency for chaotic systems to organize themselves. While this might be a tendency in physics, organization usually needs a nudge in the right direction in the identity world. Proper attention to requirements and a good change control process are a crucial part of the equation.

In this blog our team of experts examine what blockchain is, what benefits it brings to identity management, the role of cryptography and zero-knowledge proofs, why its a terrible idea to put personal data on the blockchain and much more.

your digital identity represents you as a unique real-life person in a secure digital format. In fact, we likely have many different virtual identities across a spectrum of platforms and services.

An issuer makes claims or assertions about a user. These claims are bundled together into verifiable credentials and given to the user, who stores them in their digital wallet. From there, they can decide which verifiers they want to present these credentials to.

Identification: Who are you?

Authentication: Is it you again?

Authorization: What rights do I want to grant you?

  • Beyond basics: Expert Q&A about SSI with Dr. Milly Perry and Martin Schäffner

    In May, Dr. Milly Perry, blockchain expert and former research director at the Open University of Israel, had invited Martin Schäffner, the initiator of the SSI Working Group at the European Blockchain Association, to speak at a webinar of the Israeli Chamber of Information Technology (You can find the recording here). His introduction to Self-Sovereign Identity (SSI) was met with great interest and sparked many questions from the audience. But why only take questions from the audience? We asked both experts, which questions they would like to know their peers thoughts about. Here is their exchange about Verifiable Credentials, biometrics, pitfalls and barriers, NFTs, the role of governments and the thing that could make SSI obsolete.

  • What Is Zero Trust? Ping
  1. The network is always assumed to be hostile.
  2. External and internal threats exist on the network at all times.
  3. Network locality is not sufficient for deciding trust in a network.
  4. Every device, user and network flow is authenticated and authorized.
  5. Policies must be dynamic and calculated from as many sources of data as possible.

The customer becomes the integration point. The customer is the API. Rather than having one huge, expensive, and probably illegal data hub, every customer becomes a data hub in their own right. They provide the data needed, just-in-time, under their control.

The EBC team had an insightful conversation with Ivan Basart, CTO at Validated ID, on how Self-Sovereign Identity technology is the ultimate solution to identity problems on the web.

DID does not require analog objects to become digitized, and it does not need expensive sensors or hi-tech tags to work correctly. Instead, it offers an affordable, reliable and versatile way to take offline items out of the digital blindspot.

In this May 2019 blog post, the benefits (The good) of SSI are illustrated with a range of examples, comparing SSI-based business transactions to their current non-SSI-based equivalents and thus more cumbersome.

In addition, examples are given of the disadvantages (The bad); how SSI technology can be misused by unscrupulous organizations and how a combination of technology, knowledge and legislation could mitigate this risk.

Finally, we give examples of the harmful side (The ugly); how SSI technology can be used by criminals and what countermeasures are possible.

The reason why we have seen less uptake in SSI solutions is because the people behind these solutions fail to recognise the design principles that will be most important to its success. Instead, we see people focusing on technological nirvanas like blockchain or an over-emphasis on governance.

What are the common/known strategies for bootstrapping a VDR-based decentralized credential/object platform? …asked naively on purpose. Strategies for placing the first/initial DIDs in the VDR?  …presumably purposed to be the initial Issuer(s) of verifiable

Liquid Avatar Technologies and Indicio.tech will share how together they are transitioning the current KABN ID solution to verifiable credentials by building the Liquid Avatar Verifiable Credentials Ecosystem utilizing Hyperledger Aries, Ursa, and Indy.

If the internet decentralized information and crypto decentralized money and payments, then verifiable credentials will decentralize identity. In this episode, we chat with Dev Bharel, the software architect leading the charge around verifiable credentials at GlobaliD.

This article explores the current state of our online identities, wherein our personal identity is siloed and held by third parties on various servers - and is therefore more vulnerable to cyberattacks. Corporations such as Google offer the ability to use your account with them to access other sites, but this comes with problems of its own:

This blog presents a plethora of benefits of SSI technology to citizens, consumers, business, organisations and government. It also sketches potential abuse of the technology. None of these benefits and threats have already emerged, as SSI technology, its associated business models and its governance frameworks are still developing.

For the opening episode of Identikit Sequent X, Michelle Dennedy welcomes Kaliya Young, also known as The Identity Woman, to Smarter Markets for our latest series examining the evolution of digital identity, and how self-sovereign identity, specifically, can advance a consent-based economy.

it gives complete control and ownership of data to the individual entities as they can decide what data to share and with whom.

Beyond this encompassing vision, lets drill down into the specifics to understand what you can and cant do with SSI.

In order to better understand the benefits and drawbacks of such a verification system, we have to look at the future and work backward to make the right decisions today.

Based on the emergence and critical features of valuable integration of Blockchain and Digital Identity Management, many critical approaches or use-cases could be raised to enhance the decentralisation feature with user identity control. Based on the validation mentioned above, TRST01, through its QR enabled Blockchain technology, has the ability and typical architecture for live integrations and implementations.

Verifiable credentials, DIDs, and blockchain are evidence of what's to come: Web3, a more secure, widespread, machine-to-machine internet.

The evolution of the Principles of SSI came about through the need to differentiate what is true SSI versus marketing forces twisting the concept. This market driven motivator can bring cultish overtones to the process.

Digital trust is often centralised, with select, well-known entities providing an anchor of trust that is propagated to everyone else; you are using this mechanism as you read this paragraph, having accessed a https: URL to find this article on your trusted platform, Medium.

Fluid multi-pseudonymity perfectly describes the way we live our lives and the reality that identity systems must realize if we are to live authentically in the digital sphere.

Enabled by recent advances in the realm of cryptography, mobile devices and decentralized identity standards we can now put citizens firmly in control of their digital identities while ensuring the level of trust needed to unlock the full potential of a digital society.

Authentication and authorization are both processes that fall under the category of identity and access management (IAM), but they serve different purposes.

whats the purpose of SSI? Its about enabling Digital Trust (which is quickly becoming an integral part of digital transformation for organizations).

How do we prove we are who we say we are? In an identity context, blockchains permit people to prove things about themselves using decentralized, verifiable credentials without revealing the actual data.

VC-AuthN OIDC uses the OpenID connect standards to easily integrate with the supported systems and also provides a way to authenticate using the verifiable credentials, giving the control back to the user. This is similar to the traditional OpenID connect, the only difference is in the token information. Rather than using the users information to construct the token, this uses claims in the verifiable credentials presented by the user.

One of the most important steps going forward will be to continue working with the Digital Identity subcommittee in the Wyoming legislature. However, Id also welcome discussions with other states and nations, to ensure that we have great definitions of digital identity that support self-sovereign identity everywhere.

Identity finds its way into everything—even toothbrushes. Careful planning can overcome privacy concerns to yield real benefits to businesses and customers alike.

Heres an easy-to-understand analogy to help your non-technical friends and customers understand public keys and private keys, and how they relate to cryptography and digital signatures.

SSI supports credential leveling, including:

  • Authentication Assurance Levels (AAL) 1, 2 & 3
  • Biometrics to protect your data
  • Affirmation/Metadata

SSI credentials can be used:

  • In person or online
  • For government, financial, or high trust applications (document verification markets)
  • For asset ownership, decentralized finance (DeFi), and crypto markets

In a nutshell, Self-Sovereign Identity allows individuals to manage their own identities by moving physical credentials to digital devices. An individual will receive a credential from an issuer which will be stored in their digital wallet.

Greg is a serial entrepreneur who is probably best known for founding and taking public Dispatch Management Services Corp, the worlds largest on demand dispatch network for urgent deliveries. In a highly interesting career so far, Greg was also Chief Risk Officer at Ripple Labs and a senior analyst for the Board of Governors of the Federal Reserve in Washington. In his latest venture Global ID, Greg is acting on his long-held belief that peoples identity should be truly portable and owned by individuals themselves rather than corporations or governments.

I based my findings after implementing and testing solutions and wallets with the following SSI solution providers:

On October 4, 2021, Facebook, along with WhatsApp and Instagram, disappeared from the internet.

Their DNS names stopped resolving, and their infrastructure IPs were offline. They were completely disconnected from the internet. At the same time, it was reported that 1.5 billion people allegedly had their personal data stolen from Facebook and posted for sale.

lessons I took away from asking tech identity experts Andrew Baker (Head of EC2 Engineering at AWS), our mystery guest and Marius Mare, to why we need self-sovereign identity and why it has such profound implications.

despite the technological revolution we are living through, identity management is still as objectionable as ever, which is allowing criminals and companies (particularly the social media giants) to know more about you than can ever be justifiable.

In this discussion I ask Andrew Baker, AWS's Head of EC2 Engineering and a surprise guest, to share their views on whether Self Sovereign Identity management could be the solution and how likely it is

Identification is key to our success. It determines the jobs we get, the money we make, how we can manage our health, and more. The fact of the matter is that 3.4 billion people have access to legally recognized identification but still have difficulty using that identification online.

Token-based identity systems move us from talking about who, to thinking about what, so that people can operationalize their digital lives. Token-based identity systems support complex online interactions that are flexible, ad hoc, and cross-domain.

This session features a presentation by Wayne Chang who introduces Self-Sovereign Identity and Storage.

In this talk, Wayne reviews the results of support with Tezos addresses, use cases that have been deployed, Tezos DID methods and Tezos profiles. Wayne also gives an overview of the Trail of Bits audit.

A particularly useful aspect of the Verifiable Credentials standard is that the parties undertake the specific roles of Issuer, Holder or Verifier, but they are not constrained in how many roles, or when, they can employ them. Each party can be a device, a person or an institution, meaning that verifications can take place directly between automated systems, even verifying that each other is genuine before establishing a connection to share data

the history of OpenID Connect and how it became so prevalent, with special guests Nat Sakimura, Chairman at the OpenID Foundation, and Petteri Stenius, Principal Scientist at Ubisecure. [...]

“New technology seldomly completely replaces the older technologies. They will form additional layers, and slowly start replacing it.”

Due to the ID-Wallet project in Germany, some articles and comments have equated Self Sovereign Identity (SSI) with blockchain technology in the last few weeks. The impression is given that SSI only works in conjunction with a blockchain. Spoiler, thats not the case.

Self-sovereign identity is the marriage of real identity with the digital world that will ultimately make peoples lives better.² Its still in its infancy, and there is a long road ahead to truly make digital identity as legitimate and nuanced as a real-world identity.

Apart from addressing the pitfalls in conventional identity management systems, SSI allows better functionalities for all users. With a wide range of benefits and the self-sovereign identity blockchain applications, it is important to take a step towards adopting SSI solutions.

This problem was first explored by MIT researchers Shafi Goldwasser, Silvio Micali and Charles Rackoff in the 1980s as a way of combatting information leakage. The goal is to reduce the amount of extra information the verifier, Victor, can learn about the prover, Peggy.

Listen to this episode for an entertaining deep dive into the topic of badges and credentials, as Donald Taylor sits down with Dr. Doug Belshaw to discuss the importance, various fields of application

The public keys of the user and the third-party organization for verifying the digital signature are recorded in a distributed ledger, and the user of the identity information verifies the provided information using them. In this way, users can control their own identity information without relying on a specific central administrator.

In 2021, the average cost of a data breach reached an all-time high of $4.24 million, even though businesses are already spending millions more to combat financial crime and meet their regulatory and compliance responsibilities.

By moving identity to effectively require just a digital device and some sort of connection to the internet, the barriers to these interactions are more easily bridged. Both access to a digital device and availability of an internet connection are increasing, even in new or emerging economies.

Kaliya talking with a colleague from way back Bill Johnston.

On this episode of the Cohere podcast, Kaliya joins Bill to discuss the history of online identity, what events led us to the consolidation of identity into a few centralized platforms, and what steps we need to take to recover and protect our online identities.

Through deceptive marketing practices the first-movers in the Digital ID market have done-away with the sovereignty. As a result a burgeoning new industry is experiencing a Self-Sovereign Identity Crisis.

Solving the identity paradox: the tradeoff between privacy, security, & user experience

As weve moved more and more online, digital platforms and processes have failed to keep up. We cant trust them to collect, store or share our personal information safely. In fact, consumers information is frequently abused and misused without our knowledge or consent.

Imagine being able to rid your wallet of a drivers license, an insurance card, a student or employee ID and more. Imagine not having to worry about losing your passport and vaccination records on a trip abroad, or about the authenticity of the designer shoes you just purchased

Which use cases does SSI have?

What is the disruptive potential of SSIs?

Which risks does the adoption of SSI pose?

What are the challenges and opportunities of SSI?

Where do the limitations of SSI lie?

How can SSI be incorporated into existing infrastructure?

Which steps need to be taken for the proliferation of SSI?

SSI has the power to change the world for the better by flipping the power dynamic surrounding digital identities and trust from large corporations and governments back to the individual. This technology empowers individuals and communities to take back control of both their personal data as well as of their digital assets and identities, and decide exactly how and when this information is to be used and shared. This session explores how SSI-based ecosystems are built and how this transition benefits both individuals and the wider global community.

the digital representation of the identification process we know from the physical world. Things like showing our drivers license to prove we are allowed to drive, or sending a bank statement to a real estate agent to prove our income and account balance.

Presented by Patientory includes Jim St. Claire of LFPH

Self-sovereign identity (SSI) is a movement that claims digital identity should be just as legitimate and nuanced as a persons human identity, while being accessible to all, privacy-preserving, and not reliant on a single government or corporation.

Participants will walk away with an essential understanding of how SSI works, the pain points it solves for, the risks it mitigates, the use cases currently in deployment, and the opportunities that are created by being able to build Trusted Data Ecosystems (TDEs).

All of us have multiple identities at any point. We are sons, daughters, brothers, sisters, parents, partners, friends, colleagues, and more to different people.

Decentralized identity is an emerging concept becoming more popular for online consumers by eliminating the need to pass personal identifiable information (PII) to an ever-increasing number of companies. However, in practice, decentralized identity has only existed for a handful of years, and its potential is still being discovered. So how did we get here?

Self-sovereign identity (SSI) is a movement that claims digital identity should be just as legitimate and nuanced as a persons human identity, while being accessible to all, privacy-preserving, and not reliant on a single government or corporation.

  • Identity management is an iterative process with three core elements initial identification, authentication (re-identifying the individual) and verification (ensuring the individual is who they claim to be)
  • Enterprises employ a vast array of technologies to execute these processes which are growing in scope and complexity
  • Understanding why identity management is necessary to enterprises and how this creates opportunities for vendors

the metasystem guarantees the fidelity of the credential exchange. Credential fidelity comprises four important attributes. Credential exchange on the identity metasystem:

  1. Reveals the identifier of the issuer
  2. Ensures the credential was issued to the party presenting it
  3. Ensures the credential has not been tampered with
  4. Reveals whether or not the credential has been revoked

Connections, relationships, and third-party issued credentials are not entirely self-sovereign, nor should they be. #JolocomAdvent #AdventCalendar

Indicio's CEO, Heather Dahl, and CTO, Ken Ebert, identity wallets, verified credentials, the role of the Sovrin Foundation, and new momentum around interoperability across decentralized identity.

Web 3 has brought a new way to engage with websites, and dare I say, it is almost magical. No cookies, no username, no password, no sharing personal information. I can browse freely and pseudo-anonymously without having to worry about the cookies and terms I was forced to accept.

We are freeing ourselves from the management of “data hash” which leads to a centralization or complexification of verification procedures. This makes our solution new compared to traditional blockchain applications on the market.

Authority Does Not Require Centralized Power

As mentioned in my previous article, the trouble with centralization is that data is stored in a database. Once breached, a database can yield a treasure chest of information to be sold on the dark web.

Verifiable credentials and verifiable credential management technology offer a direct and secure channel between an organization and its stakeholders. Learn how they bring control over digital identity and build trust with organizations from health credentials to college degrees.

As S. Shakthi and I noted in a recent research paper, digital identity systems are widely seen as datafiers by virtue of their core property of reducing the person to machine-readable data. A datafier is a system that performs the crucial operation of converting the physical into digital. A different, contrasting view is also emerging in research: digital identity systems are increasingly seen as platforms, i.e. “technological building blocks” on which different types of complements can be constructed.

This whitepaper is an attempt to understand identity from a governance perspective and the various methods of identification used. In particular, it'll analyse India's digital identity infrastructure its motivations, the benefits it has yielded, and the dangers that might adversely impact it.

Turning identifying features into verified credentials

How exactly does this work? Lets look at the three roles of user, issuer and verifier. Firstly, users can have any number of attributes such as their credit rating, national identity document or driving licence certified by the entity responsible for each attribute.

Since we are experiencing massive boosts in our digital economy in the form of investment and innovation, being able to secure and "own" our PII is crucial. In an unprecedented time of hackable honey pots, we need to be able to protect our online and offline identities.

In case you missed it, learn about a new type of identification... Decentralized IDs (DID)

We talk use cases, benefits, DIDs vs NFTs, and what should and shouldnt go on a blockchain.

FANTASTIC NEW TALK!!!!

WE have a wikipedia article!

Exploring why human trust should be an essential design element in the next generation of digital solutions

The SSI identity system gives you the ability to authenticate your own identity, using credentials you have been issued or information you can verify directly, which is stored in a digital wallet.

This self-sovereign capability of associating the artist, the collector and the art work itself with an identity — creates value for everyone. We did also share that the opportunity of secondary sale income / commission that could be attributed back to him as the original artists is also possible (albeit very complicated).

Back to the Schelling Point - communication requires a common language and understanding. As governments, banks, hospitals, etc. navigate how best to homogenize authenticating user identities in multiple contexts, solutions will depend on user adoption. Maximizing adoption requires avoiding a Schelling point by creating a shared, accessible, and evolving Decentralized Identity Lexicon.

In this video, we explain how third parties get to see a lot of personal information about you that they don't really need. Whether it is your local supermarket or your new job, you're often sharing a lot of data when all they really need is a very simple yes or no answer.

With this presentation we start the Self-Sovereign Identity journey for all Swiss people.

We look forward to exploring further relevant topics with you in the near future!

Authenticity allows parties to a conversation to know to whom they are talking. Confidentiality ensures that the content of the conversation is protected from others. These three create a tradespace because you can't achieve all three at the same time.

Verifiable Credentials, its infrastructure (European Blockchain Services Infrastructure, EBSI), and the vast opportunities that it currently provides, through a users journey (“Evas trip”).

Consumers will benefit in instances such as loan processing (with accompanying credit check verification) or when establishing a new bank account or a new internet contract (with identity and residency manual verification).

Service providers may benefit, as they will be able to minimize fraudulent account creation and simultaneously protect both parties from phishing attacks.

On the @IAlsoPodcast, partner Charlyn Ho discusses w/hosts @nicolekyle and @SophieWHolm #digitalidentity, how #blockchain empowers users to take control of their data, #privacy under #Web2 vs. #Web3, and more. Tune in 🎧: https://apple.co/3IvGVjr. #womenintech #ialsowantmoney

Web 3.0 presents a promise to address the above issues with Identity. The term Web 3.0 refers to a decentralized internet that uses crypto tokens. Decentralization is at the heart of Web 3.0 which has the potential to democratize technology and put the users in control of their data.

Any feedback would be greatly appreciated. Thank you

Self-sovereign identity Definition <-its quite good

Self-sovereign identity (SSI) is rooted in the belief that individuals have the right to an identity independent of reliance on a third-party identity provider, such as the state or any other central authority. Its implementation requires the development of technical standards, as well as socio-political adaptations rooted in legal amendments in order to be successful.

Outside of a few philosophers, social scientists, and a tiny minority of specialized technologists, however, most people feel uncomfortable making any definitive or authoritative statements about identity.

Unlike the existing system, its a user-centric and user-controlled approach to exchanging authentic data in a much more secure way. Authentic data is information thats source can be proven.

blockchain provides a transparent, immutable, reliable and auditable way to address the seamless and secure exchange of cryptographic keys. To better understand this position, let us explore some foundational concepts.

When it comes to authentication, passwords were once the safest and most used methods of authentication

Decentralized digital identities are only possible due to cryptography. One of the cornerstones is asymmetric encryption. A key pair is generated using a cryptographic process. The pair consists of a public and a private key. As the names suggest, the private key must remain private and the public key can be shared.

In this short article, we investigate three different approaches to how SSI concepts map on the blockchain infrastructure.

  • [...]

The third approach is, in a way, derived from the previous one, and is the one pursued by uPort/Serto: the blockchain has one single registry that tracks down just the revocation of credentials,

The Zero Trust model is the belief that no one should be trusted from inside or outside your network, until their identity has been verified. Zero trust refers to the alignment of maturing identity practices, an established understanding of user behaviors, and the application of least-privilege access security policy decisions to trust boundOaries

Multi-factor authentication takes it step further by requiring users to provide proof from two or more authentication factors (categories) before access is granted.

The article goes through some of the challenges we face when using or implementing identity, authentication and authorization solutions using self sovereign identity. I based my findings after implementing and testing solutions and wallets with the following SSI solution providers: Trinsic MATTR.global Evernym Azure Active Directory Verifiable Credentials Different Wallets like Lissi SSI

When organizations employ authentication factors and protocols in a well-thought-out manner, users can still have excellent experiences while security administrators and auditors know operations are being executed securely. As we have seen, there are a number of ways to provide these services in any organization.

"Lets use a token to secure this API call. Should I use the ID token or the access token? 🤔 The ID token looks nicer to me. After all, if I know who the user is, I can make better authorization decisions, right?"

Fraunhofer Institute for Applied Information Technology FIT, Project Group Business & Information Systems Engineering

The relationship between the issuers, holders, and verifiers is called the trust triangle simply because you need an element of trust among these entities for them to work together.

We hope this will get you thinking about enabling SSI using an option that best suits your application or business requirement.

This paper shows that federated identity is really a radical and deeply problematic departure from the way we do routine business. Federation undoes and complicates long standing business arrangements, exposing customers and service providers alike to new risks that existing contracts are unable to deal with. Identity federations tend to overlook that identities are proxies for relationships we have in different contexts. Business relationships dont easily “interoperate."

they offer a few advantages that we dont get with paper records. Whereas a physical document (lets say, a vaccine card) can be forged and passed off as authentic, the security mechanisms behind a verifiable credential means that it can never be tampered with and that anyone shown the credential will be able to immediately verify who issued it and to whom it was issued.

In the context of SSI, selective disclosure is best implemented through verifiable credentials where the user has separate credentials for each piece of information such as his/her date of birth, full name, vaccination details, address, passport number, etc.

Rather than trying to paste everything and everyone together, the path forward to help build trusted ecosystems relies on interoperability and leveraging existing assets while positioning the user in a disintermediated model of control and agency — possible with FPX and verifiable credentials.

Sebastian Gebski's Reviews > Self-Sovereign Identity: Decentralized Digital Identity and Verifiable Credentials by Alex Preukschat, Drummond Reed

highly recommended. I strongly believe that the concept of SSI will be extremely important in the future - that's actually one of the few implementations on the blockchain that make a lot of sense.

Meanwhile, digital platforms have replaced markets as the locus of private wealth extraction. For the first time in history, almost everyone produces for free the capital stock of large corporations. That is what it means to upload stuff on Facebook or move around while linked to Google Maps…. But while capitalism may end with a whimper, the bang may soon follow. If those on the receiving end of techno-feudal exploitation and mind-numbing inequality find a collective voice, it is bound to be very loud.

Theres a lot of “magic” happening under the hood of how software 2FA works. Today, were going to peel back the curtains and see how it works, how the codes are generated, what it protects and doesnt protect from.

long but good overview article.

Modex, one of the earliest players in the blockchain market, has utilized its trademark Blockchain Database (BCDB) solution to develop PatientDataChain, a working proof of concept that utilizes the unique characteristics of blockchain to create a patient-centric ecosystem that gives patients control and ownership of their medical records and identity.

Authentication is the process of proving that a user is who they claim to be to access system resources or features. Typically, this calls for some type of proof, whether that is a physical piece of information, a secret piece of information or some other immutable form of evidence.

In this context, self-sovereignty refers to the ability of the individual or the organization in control of the identity to share it and present it to other agencies with no intermediaries.

The implementation of the electronic signature was a major development in the development in management.

99% of our documents are digitally signed digitally and we have eliminated many face-to-face meetings.

Mobile First • Establish Framework of Trust • Smart City Access • Digital Economy • Financial and Social Inclusion • Enhanced Portability

X.509 certificates have been around for 40 years and have proven to be a trustworthy means of exchanging data. So, what are the differences between X.509 ceritificates and SSI? And what are the advantages of each?

Representation • Interoperability • Decentralization • Control & Agency • Participation • Equity and Inclusion • Usability, Accessibility, and Consistency • Portability • Security • Verifiability and Authenticity • Privacy and Minimal Disclosure • Transparency

By using Decentralized Identifiers (DIDs) creating a unique identifier for each and every different relationship customers can seamlessly set up a new, highly secure, two-way channel with the business

Fittingly, some define wrath as “when anger is directed against an innocent person, and when it is unduly strong or long-lasting.” That feels right if you consider the real-life impacts of disabling someones digital identity without notice.

Apparently gluttony means “overconsumption to the point of waste.” Sadly that feels apt when it comes to customer data APIs.

Put simply, most organizations are unthinkingly collecting more data from customers, without understanding the true impact: the real costs to themselves, and to customers.

6: Breaking Down Silos with Open Ecosystems and True Data Portability

Every company providing a new digital identity solution believes that all the other digital identity options are not good enough, not secure enough, not fast enough. They believe they can do better.

Yet collaboration will be critical to making digital identity work properly at scale.

It all feels like data envy to me. Aristotle described envy as the pain at the sight of anothers good fortune, stirred by “those who have what we ought to have.” Precisely.

“Self-Sovereign Identity not only presents an opportunity for businesses to build smarter, more secure, and more scalable relationships with customers; but it will enable them to completely rethink how they build trusted digital relationships from the ground up.”

We expect Digital Transformation to be a more prevalent talking point around digital identity. FOMO can go a long way, to sell SII, for Goverments and Corporations striving to not be left behind in the digital age.

Mattr

  • Web of Trust 101

    The emerging “Web of Trust” is an idea that has been around since the dawn of the internet. To explain what motivated its creation, lets take a look at how trust on the internet functions today.

  • Digital Wallets

    The reframing of the user as a first-class citizen and their empowerment as holder represents a shift towards a new paradigm. Such a paradigm offers users greater sovereignty of their own information and empowerment to manage their digital identity. Users are able to exercise their new role in this ecosystem by utilizing a new class of software known as digital wallets.

    refers to the authenticity and integrity of the actual data elements being shared.

Also covers Verifiable Relationships, Verifiable Processes, Verifiable Credentials, along with Semantics and Schemas.

  • Semantic Web

    The semantic web is a set of technologies whose goal is to make all data on the web machine-readable. Its usage allows for a shared understanding around data that enables a variety of real-world applications and use cases.

  • Selective Disclosure

    An important principle that we want to achieve when designing any system that involves handling Personally Identifiable Information (PII) is to minimize the data disclosed in a given interaction. When users share information, they should be able to choose what and how much they share on a case-by-case basis, while the relying parties receiving the information must be able to maintain assurances about the presented informations origin and integrity. This is excellent work, with lots of references, by Dr. Nuttawut Kongsuwan (Finema & QTFT), and Rachata Tosirisuk (Thailand Internet Exchange, Finema & QTFT).

  • Anonymous Credential Part 1: Brief Overview and History

    An anonymous credential (Anoncred), which is also known as an attribute-based credential (ABC), is a concept for a digital credential that provides a credential holder maximal privacy and an ability to selectively disclose their personal information.

  • Anonymous Credential Part 2: Selective Disclosure and CL Signature

    selective disclosure and an anonymous credential (Anoncred) relies on an efficient signature scheme that supports multiple messages with a single signature. One such signature scheme is known as CL signature that is named after its Jan Camenisch and Anna Lysyanskaya […] CL signature popularized Anoncreds, and it also served as a cryptographic building block in Identity Mixer (Idemix) and Hyperledger Indy projects.

  • Anonymous Credential Part 3: BBS+ Signature

    Compared to the CL signature, the BBS+ signature has much shorter keys and signatures for a comparable level of security. As a result, the BBS+ signature enables fast implementation for anonymous credentials. It can be used in combination with signature proof of knowledge to hide some of credential attributes/messages in a zero-knowledge fashion.

The BBS+ signature will also soon be available in Finemas Identity Wallet! We are excited to see how this technology will make an impact to the society in the coming years.

  • Trust Frameworks

    Trust frameworks are a foundational component of the web of trust. A trust framework is a common set of best practice standards-based rules that ensure minimum requirements are met for security, privacy, identification management and interoperability through accreditation and governance. These operating rules provide a common framework for ecosystem participants, increasing trust between them.

  • The trust infrastructure of self-sovereign identity ecosystems

    The trust infrastructure is concerned with the question of how and why the presented information can be trusted. It defines the rules for all stakeholders and enables legally binding relationships with the combination of governance frameworks, which are built on top of trust frameworks.

includes a section on the core components of identity architecture that includes a graphic based on a post by Phil Windley

What is the value of Self-Sovereign Identity (SSI) for organisations and citizens? What are the current initiatives and traction of SSI in South Africa? What are the economic benefits and the hurdles to SSI adoption in South Africa?

Turning credentials into digital form isnt new, but decentralizing identity goes beyond that. It gives individuals the ability to verify their credentials once and use them anywhere as proof of attestation.

  1. Identify use cases: A framework and examples will help you discover opportunities to create value for your organisation and stakeholders.
  2. Select use cases: A matrix and different selection criteria will help you analyze and prioritize opportunities based on your strategy and requirements.
  3. Select ecosystems: An elaboration of identity ecosystems and a simple approach for selecting the right one(s) based on your organisations operating model.
  4. Plan your Implementation: Guidance for setting project requirements, technology selection and answering the question of “buy or build”.
  5. Implement your Pilot: Tips to make sure you get the most out of your pilot project

NFT use cases can be found wherever theres a need to digitally model ownership. In other words, the list of use cases is long and NFTs will likely be among the most important building blocks on which the digital world (or something like a metaverse) will be built.-

New major white paper by Phil Windley with the Blockchain Research Institute

the relationship view of identity, the nature of authentic digital relationships, the trust bases of identity systems, and the architecture of the identity metasystem, including decentralized identifier communication and the self-sovereign Internet. He then explores how to operationalize digital relationships and the potential of generative identities (e.g., verifiable credentials) and credential exchange. He concludes with a deep dive into self-sovereign identities in production: the UK National Health Service staff passport, Bonifiis MemberPass for credit unions, the International Air Transport Association Travel Pass, and others.

Similar actions conducted in person do not represent the same amount of risk. For example, if someone asks you to verify your identity, we show our ID or drivers license, and when you pay at the store, you provide your bank card. In this way, the control and the ownership of the data stays with you.

Part I: The Five Guiding Principles

Secure, Private, Available, Supervisable, Sustainable

Part II: The Direct Presentation model

A credential is issued, and then held for a long period of time with intermittent voluntary presentations to many different verifiers.

Part III: Decentralized Identity: The Basics of Decentralized Identity

At the most basic level, decentralized identity is the story of three standardized documents: a proclamation, a letter of introduction, and an endorsement.

Part IV: Deep Dive: Verifiable Credentials

Part V: Deep Dive: Anchored Decentralized Identifiers

PKI has created a global trust framework for the web. But the war in Ukraine has shone a light on its weaknesses. Hierarchies are not good architectures for building robust, trustworthy, and stable digital systems.

The adoption of verifiable credentials is another fundamental part of the SSI concept. Verifiable credentials use a digital signature for identity claims by combining public-key hashing cryptography and privacy-protection techniques to convert credentials like ID cards to digital versions.

10min Video Montage

Episode 4 explores the relationship between authentication and authorization, the rise of single sign-on platforms, and the advantages of and use cases for self-sovereign identity. Guests include Brian Behlendorf, Rainey Reitman, Danny O'Brien, Sarah Friend, Wendy Hanamura, Andrew Hill, and Brad Kam.

(the) Use Case

Great explainer - infominer

How does this change the world of cybersecurity protection? Typically, bad actors approach cybersecurity attacks by developing solutions that exploit the attack vectors of their target victims.

There are 4 attack vector categories to self-sovereign identity that map directly to each element: Issuer, Holder, Trust Registry and Verifier.

Identity Proofing

Join Frank Albanese (Snapbrillia), Lance Byrd (RootsID), Nick Mason (ProofSpace), Niels Kijf (Design Academy), Patrick Suzzi (F8 OSDE), Juan Sierra (HERG), Zoéys Welt, Brian Harper, Ashton Engberg, Ninh Tran (Snapbrillia) and many others as the community discusses the different what is SSI & Proof of Reputation and why it matters.

Presentation: https://bit.ly/3OmuIRx

how do we advocate for learner-centric badge systems? This is the piece that weve been thinking about the past couple of weeks.

Lets look at a few pointers that I believe make it hard for the web3 protocols to work for businesses and users in general

True decentralization in the digital world means that once verified, your PII is on your phone and under your control. The data doesnt live anywhere else.

  • The tools Kaliya and Lucy are developing to enable self-sovereign identities
  • Whether anonymity or pseudonymity is feasible while maintaining accountability
  • Wallet Wars: how might wallets evolve and consolidate across the public and private sector

Digital identity data is introduced as having a positive impact on Germanys future as well as Europes. Following, benefits of a decentralized identity based on a fully open infrastructure are given.

We have a widely accepted Standard Model of Identity, or architecture, in which Subjects, Identity Providers and Relying Parties (aka Holders, Issuers and Verifiers) hold, present, exchange, use and/or consume digital identities.

Commonly associated with blockchain and the Self-Sovereign Identity movement, Verifiable Credentials are in fact an old idea.  It is instructive to break down their essential properties and examine the pioneering examples.

we examine more closely whether self-sovereign identity can increase or reduce risks for data misuse in certain cases.

The only ones who will benefit from your digital ID are the Issuer (who gave you the credential), holder (you) and verifier (who youre sharing it with).

Relative to the Indian context

Professor Manindra Agrawal, Department of CSE, IIT Kanpur, explains how the self-sovereign identity system can ease issues like certification, verification and eliminate forgery of identity using blockchain technology.

this is a collaborative effort — one bigger than a single individual or organization — and the whole Web3 space should work together.

I reckon most cases of over-identification stem either from bad habits (e.g. RPs gathering circumstantial AuthN signals) or from Surveillance Capitalism. Either way, better deals for users will come from better design, not by weaponising Digital Identity (SSI, DIDs).

The value of verifiable credentials and the critical role they will play to our future digital identities is undeniable. As we enter a new era of online representation, trust in the internet will need to be vigorously robust.

The passwords that have been declared dead are far from dead. Nevertheless, the way in which users authenticate themselves is changing towards more security and convenience.

Many (most) identity systems make a fundamental assumption that is built into their very architecture. This assumption creates three significant problems: privacy erosion; toxic data stores; and poor security.

You will take back control of your identity and hold it. Not Facebook, not Google, and you will decide what credentials to share on a need-to-know basis. We dont have to be scared of the shift; we have to ensure the architecture is built ethically for all

The value of verifiable credentials and the critical role they will play to our future digital identities is undeniable. As we enter a new era of online representation, trust in the internet will need to be vigorously robust.

In “Self-Sovereign Identity,” Johannes Sedlmeir makes a clear distinction between two concepts too often mixed: “identity” and “identifiers”. What we are experiencing in todays Web are some external organizations identifying us as citizens, community members, customers, etc. But this isnt our “identity.” Those are identifiers.

35min course!

In the Fundamentals of Decentralized Identity certification, you'll learn how Verifiable Credentials, Decentralized Identifiers and Blockchain work. Complete the course, level up your skills and receive your certificate as a digital Verifiable Credential.

The idea that as a user of SSI I have complete sovereignty over my digital identity is often misunderstood. At its core, SSI is about my digital identity being under my own control, so I can decide to whom I show my data, when, and for what.

data security is about system-wide design, where many different elements need to fit together to create a working whole.

Friends of the late computer scientist Kim Cameron took the opportunity of gathering at the KuppingerCole European Identity & Cloud Conference (EIC 2022, to remember Cameron, his life and contribution to digital identity and beyond via his 7 Laws of Identity.

Identity represents a great asset. But we do not have control of this asset, as it is in the hands of organizations, governments, institutions, etc. These entities know everything about us from all this data.

Drummond Reed and Alex Preukschat, co-authors of Manning Publication's new book 'Self-Sovereign Identity,' for a conversation on the book's development and recent release and what the future holds for SSI as a technology, architecture, and movement.

How is it possible that the Internet has spread and developed to such an extent, while the unambiguous digital identification is not yet feasible?

  • What will happen if I dont jump on this train?
  • What would it mean if I didnt have to own my customers digital identity but establish a deep digital relationship with them instead?
  • Do I have the capacity to learn about this? If not, who do you trust to figure it out both on the business and technical sides.
  • What changes when digital identity becomes a revenue driver and asset for your business? (hint: top and bottom line)
  • Which of my competitors is probably already doing this?

Decentralized identity (DID) is a way for users to own their identity, using specific credentials to verify their identity to applications. These credentials, called Verifiable Credentials, enable you to do this. Verifiable Credentials are identity attestations that come from a trusted issuer, like proof of a workplace, student IDs, or official memberships.

Weve been involved in some really cool work over the last few weeks focusing on the issuance of vLEIs and associated role credentials. Specifically, Ubisecure was the credential issuer for the GLEIFs vLEI proof of concept project and issued the worlds first vLEI to the GLEIF, which was then used to sign the GLEIFs 2021 annual report.

This series is intended to be a basic, easy-to-understand introduction to SSI, but for a much deeper dive, check out Hypersign Labs — our technical blog. Heres a good place to start on SSI:

As a result of limited and known users there was no layer of identity and authentication in the design of internet framework. With the invention of the World Wide Web (WWW), the users made it a common platform for data sciences. Various sectors of society like health and finance have started using the internet for their services.

Eventually, SSI will give people a super simple way to do the following and more:

  1. Protect sensitive identity information like SSN and birthdates to reduce the likelihood and impact of identity theft
  2. Securely prove your identity or things about yourself in a way that institutions can trust
  3. Maintain privacy and reduce the ability for corporations or nefarious actors to track you without your consent
  4. Conveniently get access to services you need without usernames and passwords

I have developed a pet peeve for "technosolutionism": the notion that a sufficiently innovative technology can solve a social problem, or a business problem, without complex and nuanced changes to social and business practice.

Even with a little bit of input and discussion, you can see the shift to words such as inclusivity and phrases such as being more accessible or getting everyone involved.

The very center of the digital identity is your documents: from your National ID or Passport to your degrees, mobile phone number, bank account number, or your medical records. Anything that is intrinsically bound to you is your data and therefore your identity. While talking about SSI these are called Verifiable Credentials (VC).

The DID model allows you to establish a relationship between your private key (your blockchain wallet) and your citizenship.  The issuing authority signs off on the truth of your claim and, thereafter, third parties can check your public key to see that the holder of the private key is in fact a British citizen.

●  What is identity?

●  The different ways Trinsic can be used by developers.

●  Ways to disrupt or democratize the current model of identity.

●  Decentralized identity and its many use cases.

●  The continued need for anonymity in a digital identity world.

●  How identity will evolve with web 3 and the metaverse.

Our goal has been to completely abstract away the complexity of the ever-changing landscape so organizations can focus on the important stuff—what product to build, and how to take it to market. Teams shouldnt have to “pick winners” and wager what to build on. Their products should be interoperable with multiple ecosystems. Thats what Trinsic is providing, out-of-the-box.

  1. Credential metadata: This might be cryptographically signed by the issuer and contains the credential identifier as well as properties about the credential itself such as the expiry date and who the issuer is.
  2. Claim(s): A tamper-proof set of claims made about the credential subject such as someones employee number and job title.
  3. Proof(s): Cryptographic method that allows people to verify

yeah so at spruce our mission is to let users control their data across the web we think that instead of users logging into platforms and trying to rest control over their data there platforms should have to log into the user's data vaults and the users can have at their discretion all the control over their data vaults and how their data are used

One way to avoid password-related problems is to use decentralized identity management. This method is relatively new, so the best way to gain knowledge about it contact the experts. For this reason, we are speaking with Mike Vesey, CEO of IdRamp.

give direct input towards our product improvements and be the first choice for research recruiting opportunities.

  • Teach you how to create your first application
  • Learn about authentication and authorization credentials
  • Set up hosted authentication with Okta and try it out

SSI framework is adopted in Germany and throughout the EU as a key

privacy-by-design framework. Through its membership in DIACC, One37

contributes to the future of digital identity by leveraging the lessons from

its own real-life use-cases in Canada where Verifiable Credentials play an

increasingly crucial role.

traditional KYC/AML practices can give way to a more practical framework, where businesses can remain compliant with regulations and collect data without threatening privacy, data security, and breaching data laws.

recently-released Crypto in KYC Growth through trust ebook helps organizations to better understand the notoriously unstable market

The Verifiable Credentials specification by W3C provides a way to express credentials on the web. In this article Im giving an overview of components and terminology related to VCs, and also some information about other technologies and specifications that are needed when implementing Verifiable Credentials.

What are verifiable credentials? In this episode we are joined by Indicio software engineer Char Howland for an introduction to what this technology is and what it can do.

So I propose this outermost framework to help us think about how to interact with shared information environments

Even though some questions are still unanswered, self-sovereign identities will unlock enormous economic value. If you want to get some initial experience with SSI you can try the available open-source technologies. A successful proof of concept will enable companies to see the possibilities of the new technology and harness this potential more effectively.

What is decentralized identity in blockchain? Cointelegraph

Are Self-Sovereign Identities on blockchain technology the future? Kook Content

Self-sovereign identity: an ecosystem of digital identities Ergon

Self-Sovereign Identity Explained Zaisan

The Top Five Misconceptions around Self-Sovereign Identity (SSI)

We all have a cybersecurity problem, and SSI represents the most current thinking to address it.  For that reason, we believe that SSI is not just another technology.

GlobaliD 101: Bring Your Own Identity

Part 1: What a smart and humanistic approach to digital identity would like

Part 2: The Trust Triangle — the system of issuers, holders, and verifiers that illustrates how identity works (and how its broken, today)

Part 3: Why the ID Wallet is the first step toward achieving a new vision for digital identity

Part 4: Why every company is an identity company

  • [...]

There is a real opportunity to combine technology that is being developed with the concept of BYO Identity that will create a new identity framework where you own and control your data.

Centralized\Federated vs Self Sovereign dominiumssi

Self-sovereign identity: an ecosystem of digital identities Ergon

Making Identity Easy for Everyone - Heather Flanagan, Spherical Cow Consulting Ubisecure

Heather Flanagan discusses making identity easy for everyone how to explain digital identity to people outside of the identity industry, why is it important for everyone to understand, and what the industry can do to improve the understanding of identity for everyone.

how to explain digital identity to people outside of the identity industry, why is it important for everyone to understand, and what the industry can do to improve the understanding of identity for everyone.

Trust Registries allow us to know that the various shared credentials (e.g. proof of insurance) are accurate. A Homeowner can ask their Digital Wallet to verify an insurance Credential that the Contractor is honest.

Most are probably not "written" in the normally understood sense of the word (auto-scraping and ctrl-c and ctrl-v isn't writing). Many are probably not written by a person at all.

There is a real opportunity to combine technology that is being developed with the concept of BYO Identity that will create a new identity framework where you own and control your data.

The two main ingredients of SSI are verifiable credentials (VCs) and decentralized identifiers (DIDs).

No other additional information is needed to complete this data exchange. So how do you know that the information being provided is authentic? The identity proof uses a cryptographic hash function that confirms beyond any doubt that the identity claim is accurate.

The public keys, as the name implies are there to view anytime and are used for exchanging information and can be revoked, however, the private key is for the account holder himself, be that an issuer, a verifier, or a subject. It is only through a private key that one can pass on his credentials using his DID to an issuer who then validates the credentials and sends them to the verifier using his DID.

issuers or verifiers can only access the information shared by the DID holder. This information exchange can occur through various technologies, like NFC, QR, or Bluetooth. Zero-knowledge proofs are applied to restrict full information access.

That way, your sensitive personal data is stored locally on your own device rather than hosted on some companys server that becomes a target for hackers.

Oldie but Goodie by Kim Hamilton Duffy from when she worked at Learning Machines

Technically, Verifiable Claims are claims made about a “subject” (identified by a digital identifier such as a DID) that are rendered tamper proof through digital signatures. The authenticity of digital signatures may, in turn, be established through issuer identifiers, which may also be expressed as DIDs.

On this episode of “Money Reimagined,” hosts Michael Casey and Sheila Warren are together again but this time, at Converge22 by Circle. They discuss the challenges of identity and verification in the U.S. and in other countries with Daniel Buchner, head of decentralized identity at Block; and Chi Nnadi, the co-founder and CEO at Mara.

a panel discussion with Akhilesh Srivastava (IT Advisor at Government of Uttarakhand), Mallikarjun Karra (Director of Research And Partnerships at Timechain Labs), Prof. Sandeep Shukla (Computer Science & Engineering at Indian Institute of Technology Kanpur), Swapnil Pawar (Founder of Newrl) and Ishan Roy (Head of Blockchain at Tamil Nadu E-Governance Agency)