41 KiB
published |
---|
false |
European Identity
Oskar van Deventer, a rockstar from TNO, presents:
ways to build an SSI ecosystem and architecture together that is interoperable and technologically mature fit for society and funding opportunities for SSI projects through grants.
- EU Data Governance Act (Meeco)
We welcome the regulation as a needed common ground for clarifying the role of data intermediaries, building trust in these intermediaries and setting the direction for data governance, including the emergence of digital human rights.
In this context we offer the following suggestions:
- Explicitly include individuals as active participants in the definitions [...]
- Clarify the scope of the data sharing services (Art. 9 (2)) and extend it to include services that empower the data subject beyond compliance.
- Foster the growth of intermediaries, which offer new technologies and have the greatest likelihood of success in Europe if supported by the Data Governance Act.
- Open silos and implement soft infrastructure such as standards & open APIs to accelerate uptake and interoperability between data sharing services.
- Foster eco-systems and demonstrate the value through practical use-cases.
- Create a level playing field for sustainable data sharing by providing funding to pioneers at the forefront of developing data eco-systems
- Meeco Review of the European Data Strategy - Whitepaper
- IDunion enters the second project phase initiated by the Federal Ministry of Economic Affairs and Energy of Germany
- The Federal Ministry for Economic Affairs and Energy (BMWi) has selected IDunion for the second phase of the innovation competition “Showcase Secure Digital Identities”.
- The three-year implementation phase began on April 1, 2021.
- The goals of this new project phase includes the establishment of a European cooperative, the launch of a production network and the implementation of 40+ different pilot applications from several areas.
- Self-Sovereign Identity and Government – Data Exchange Cybernetica
The previous post focused on identity as a single topic, pulling it away from the data exchange component where it has recently become muddled up. In terms of identity, self-sovereign identity (SSI) and traditional public key infrastructure (PKI) based offerings are, for the most part, on the same page.
- The European Single Identity System “Back to the Future”
What are the Pros and Cons? - ISSE 2020 Webinar 3 (Tim Bouma says to watch this)
Without a clear vision on identity, society will have no agency since the capability to produce future value (data) is not under regional, nor national, nor international regulated control.
Therefore it is important to have a good overview of what is happening in different parts of the world to see if we can not combine innovative solutions.
In episode 40, Roland fills us in on how Verimi works and its privacy-by-design cornerstones, including data minimisation. Oscar and Roland also discuss the digital identity landscape in Germany
- The EU Digital Green Certificate Program Evernym
Although the EU’s approach to COVID-19 health certificates (the Digital Green Certificate implements existing technology and supports both paper and digital credentials, offline usage, and speedy verification, it makes a number of security and privacy compromises. Our analysis found it to be inherently centralised and better suited for low assurance use cases.
- Verifier Universal Interface by Gataca España S.L.
- Automated data agreements to simplify SSI work flows by LCubed AB
- Presentation Exchange – Credential Query Infra by Sphereon B.V.
- Letstrust.org by SSI Fabric GmbH
- WordPreSSI Login by Associazione Blockchain Italia
- SSI Java Libraries by Danube Tech GmbH
- NFC DID VC Bridge by Gimly
-
MyDex is working with the Scotish Government
MyDex is a community interest corporation that has been working on building real products in the real world. They wrote about the ongoing work enabling public sector organizations to give citizens verifiable attributes they keep in their own data stores and can prove to other parties without the issuing organization in the middle.
-
State of SSI in Europe and Necessity for Network-of-Networks (convened by Sovrin) by Andre Kudra
- [Andre] Introduction and the role of Sovrin Foundation around the topic of SSI
- Focus of this session is around SSI in Europe (from business and related perspective)
- Hyperledger Indy and Aries technology stack
- ‘Network of networks’ which has been a key concept at the Sovrin Foundation
- The topic is meant to be a conversation as an outline based on material information which can be shared publicly
- EBSI is one of the funded projects from the EU
- ESSIF is one of the projects in this portfolio - have issued a request for proposal for consulting (not in the network of networks topic but other areas)
- Findy (Finland) - yet to go live. Has public and private partners.
- Projects underway at Spain and other member nations in EU
- Substantial funding behind Indy based technology stack deployments are being seen
- Germany has 3 major streams active in the identity space
- Gov digital (for public sector)
- ID Union - 2 fold - a project and a L1 Utility (as per the Trust over IP definition) project and Governance Framework; has started in 2020. Will be building a lot of use cases on Indy/Aries over a period of 3 years Includes EU member states and the 3 non EU nations. ID Union activity will have contributions to open source projects
- Germany is running an SSI pilot based on the Aries framework. First use case — hotel check in for business travelers (two data types: ID; corporate billing address). German eID card will be used to generate a VC by issuing on behalf of the issuer of the eID card.
- Mixed bag of projects and technologies which underline the topic/concept around ‘network of networks’. Organizations will come up with their networks and interoperability would be something that is inbuilt.
- EU Commission has identified the necessity of making this happen. So no ‘one blockchain to rule them all’. A cooperative approach would be needed to get into NoN - tokenisation, IoT etc have been part of the requirements
- 3 Sovrin member organizations have jointly created a position paper to address the necessity of this approach of NoN. This approach is endorsed by the Sovrin Foundation.
- Universal resolver, multi-ledger wallet etc are key components. A side-project to make a tangible NoN experiment is on the cards.
- [Andreas] https://joinup.ec.europa.eu/collection/ssi-eidas-bridge/about
- [Alex Blom] https://vimeo.com/522501200
- https://gitlab.grnet.gr/essif-lab/infrastructure/validated-id/seb_project_summary
- https://github.com/validatedid/eidas-bridge
-
EU Announcement: European Digital Identity
-
The EU Announcement is the Biggest Ever in SSI Credential Master
Timothy Ruff’s analysis and commentary on the EU Announcement this week about its new digital identity strategy.
-
EU plans digital ID wallet for bloc’s post-pandemic life
The European Digital Identity Wallet proposed by the EU’s executive commission is a smartphone app that would let users store electronic forms of identification and other official documents, such as driver’s licenses, prescriptions and school diplomas.
-
EU decision on Identity Wallet: Starting signal for a seamless digital future
Last week, the EU Commission published a draft for the so-called digital identity wallet “EUid”. According to it, within 12 months of the law coming into force, every EU state must provide its citizens with a digital wallet.
-
Where Stands the Sovereign Self? Kuppinger Cole
Doc Searls, Co-founder and board member of Customer Commons, and Director of ProjectVRM, is to deliver a keynote entitled Where Stands the Sovereign Self? at the European Identity and Cloud Conference 2021. [...] we asked Doc some questions about his planned presentation.
Talao’s team is excited to announce the development of the first Decentralized Self-Sovereign Identity (SSI) solution built on the Tezos blockchain for the Human Resources industry. The digital wallet created by Talao will enable companies to issue verifiable professional credentials and for employees to store work history and other personal data.
Discover Eva’s journey using the blockchain solution developed by the European Commission and the European Blockchain Partnership members: the European Blockchain Services Infrastructure (EBSI) - http://ec.europa.eu/cefdigital/ebsi
With the Digital Services Act (DSA), the European Union is to adopt landmark legislation that will create a framework to regulate online platforms around the world. The DSA will have an impact on the free expression of opinions online, our choices as consumers, the right to privacy and the basic mechanisms of the global Internet.
Gov.UK
● secure the UK's status as a global hub for the free and responsible flow of personal data - complementing our ambitious agenda for new trade deals and data partnerships with some of the world’s fastest growing economies
● reinforce the responsibility of businesses to keep personal information safe, while empowering them to grow and innovate
● ensure that the ICO remains a world-leading regulator, enabling people to use data responsibly to achieve economic and social goals
-
“The next iteration of the framework mentioned earlier is due to be published this summer and I look forward to that. It will be essential for that work to not only be underpinned by the twelve guiding principles but also to swiftly ‘sandbox’, stand up parallel proofs in specific sectors and proceed with pace.”
-
Blockchain-enabled Self-Sovereign Identity
Martin Schäffner, the initiator of the EuSSI Working Group of the European Blockchain Association and expert in Self-Sovereign Identity, explains the concept of Self-Sovereign Identity and how it differentiates from conventional digital identities.
The following article discusses the technical requirements needed to protect our personal data and to ensure a safer digital world. It presents solutions for creating an open and secure IT infrastructure where data privacy can always be guaranteed. The article has been written by esatus, founding member and lead of the “Secure Platform” working group, a thematic group within the IT Security Association Germany (TeleTrusT).
-
Commission proposes a trusted and secure Digital Identity for all Europeans
However, there is no requirement for Member States to develop a national digital ID and to make it interoperable with the ones of other Member States, which leads to high discrepancies between countries. The current proposal will address these shortcomings by improving the effectiveness of the framework and extending its benefits to the private sector and to mobile use.
-
Digital Identity for all Europeans
- Available to any EU citizen, resident, or business in the EU who wants to use it
- Widely useable as a way of identification or to confirm certain personal attributes for the purpose of access to public and private digital services across the EU
- Giving full control to users to choose which aspects of their identity, data and certificates they share with third parties, and keep track of such sharing
-
TechCrunch Europe wants to go its own way on digital identity
Alongside today’s regulatory proposal they’ve put out a recommendation, inviting member states to “establish a common toolbox by September 2022 and to start the necessary preparatory work immediately” — with a goal of publishing the agreed toolbox in October 2022 and starting pilot projects (based on the agreed technical framework) sometime thereafter.
“This toolbox should include the technical architecture, standards and guidelines for best practices,” the commission adds, eliding the large cans of worms being firmly cracked open.
The legal instrument aims to provide, for cross-border use:
– access to highly secure and trustworthy electronic identity solutions,
– that public and private services can rely on trusted and secure digital identity solutions,
– that natural and legal persons are empowered to use digital identity solutions,
– that these solutions are linked to a variety of attributes and allow for the targeted sharing of identity data limited to the needs of the specific service requested,
– acceptance of qualified trust services in the EU and equal conditions for their provision.
eIDAS
-
SSI eIDAS Legal Report – Ignacio Alamillo – Webinar 55
The European Commission developed the SSI (Self-Sovereign Identity) eIDAS bridge, an ISA2 funded initiative, to promote eIDAS as a trust framework for the SSI ecosystem. It assists a VC (Verifiable Credential) issuer in the signing process, and helps the verifier to automate the identification of the organization behind the issuer’s DID (Decentralized Identifier). Simply by “crossing” the eIDAS Bridge, a Verifiable Credential can be proven trustworthy in the EU.
-
eIDAS and Self-Sovereign Identity (Video Dingle Group
Why then is eIDAS v1 not seen as a success? There are many reasons; from parts of the regulation that focused or constrained its use into the public sphere only, to the lack of total coverage across all of the EU. Likely the key missing piece was that the cultural climate was not yet ripe and the state of digital identity was really not ready. Too many technical problems were yet to be solved. Without these elements the realized state of eIDAS should not be unexpected. All this said, eIDAS v1 laid very important groundwork and created an environment to gather important learnings to allow eIDAS v2 to realize the hoped for levels of success and adoption.
-
Legal compliance and the involvement of governments SSI Ambassador
It’s currently possible to be eIDAS compliant with SSI, leveraging one out of five scenarios described in the SSI eIDAS legal report by Dr. Ignacio Alamillo Domingo. Especially interesting is the SSI eIDAS bridge, which adds legal value to verified credentials with the use of electronic certificates and electronic seals. However, it’s also possible to derive national eIDs notified in eIDAS, which are eIDAS linked by issuing a verifiable credential with a qualified certificate according to the technical specification.
eSSIF Lab
Blockchain Certified Data Academic Verifiable Credentials (Academic VCs) – https://www.bcdiploma.com/ Upstream Dream AB Patient-controlled information flows for learning health systems (The LHS project) – https://www.genia.se
Mopso Srl Amlet (A.W.) – https://www.mopso.eu/
Credenco B.V. Digital Certificate of Good Conduct (CoCG) – https://www.credenco.com
Stichting CherrytwistDecentralized Open Innovation Platform (DOIP) – https://alkem.io
Truu LtdHealthcare Professionals Digital Staff Passport (Health DSP) – https://www.truu.id
Fair BnB Network Società Cooperativa Stay Fair, Play Fair – a co-operative habitat for music – https://fairbnb.coop/
ZENLIFE SARL-S Zenlife eConsent – https://zenlife.lu/ – under construction
LearningProof UG HonorBox-SSI – https://learningproof.xyz
WorkPi B.V. Work Performance Intelligence (WorkPi) – https://workpi.com/
yes.com AG European Bank Identity Credentials (Eubic) – https://www.yes.com
-
Gimly in eSSIf-lab: self-sovereign identity and NFC smartcards
Gimly is participating in the European SSI infrastructure programme (eSSIf-lab), building a bridge for the implementation of NFC smartcards with secure elements as physical SSI identifiers. Our aim is to enable self-sovereign identity for both online and offline identification, authorization and access management, with a decreased dependency on the use of personal smartphones.
-
Alex Norta | NGI Explorers Third Expedition: meet the Explorers
Meet Alex Norta, associate professor at TalTech who talks about his project “Self-sovereign multi-factor identity authentication using smart-contract blockchain technology”, that will be carried out in collaboration with the University of Central Florida
The project SSIComms adds SSI to internet communications by adding SSI wallets to the renowned SYLK Suite, an award winning ensemble of communications solutions with the SIP protocol at its core.
The SSI mandate service is a generic and holistic approach to provide and request mandates. Mandates are SSI credentials signed by the dependent that can be requested by either the dependent or authorized representative. These credentials can be used to prove to a verifier that the authorized representative is authorized to act for specific actions on behalf of the dependent.
The objective of the topic is to develop, implement and scale up the European Digital Identity framework, based on the revised eIDAS regulatory framework as well as the exchange of evidence as set out in article 14 the Single Digital Gateway Regulation. The broader objective of European Digital Identity is to improve citizen’s access to highly trusted and secure electronic identity means and trust services such as digital signatures, improve citizens’ possibilities to use them and improve their ability to control over sharing their personal identity data.
The concept of SSI was designed with the citizen and privacy in mind. However, existing implementations lack user-friendliness (e.g. showing hash codes to users), creating potential barriers in users’ adoption. OnboardSSI focuses on providing a secure and user-friendly wallet solution creating an easier way for citizens to manage their identity.
- EU Grant to Help Building Blockchain Infrastructure. Sphereon
We’ll be providing a Presentation Exchange that creates interoperability between W3C DIF-compliant Verifiable Credentials and Hyperledger Aries-based Verifiable Credentials for the European Blockchain Services Infrastructure (EBSI).
- eSSIF-Lab’s ecosystem: 2nd batch of winners: Infrastructure Development Instrument
another 7 proposals selected, out of 29 that were submitted before the second deadline of the Infrastructure-oriented Open Call
- eSSIF-Lab Vision and Purpose
The context of the eSSIF-Lab vision can be found in articles 8-10 of the European Convention on Human Rights (ECHR), that state the rights of individuals regarding their privacy, and their freedoms to collect, process, store, and express information in a self-sovereign fashion, i.e. in a way that they can decide for themselves.
-
Trust is not something that is given, but something that parties (un)consciously assess, and decide about, and changes over time. Since parties are autonomous, their trust is highly subjective. As a consequence, the idea of having 'trusted registries', 'trusted issuers' that do not take this subjectivity into account basically act as (centralized) authorities, denying that parties are autonomous. While we acknowledge that such ideas (have a right to) exist, we do not follow them.
-
NGI Forward SALON ON DIGITAL SOVEREIGNTY IN eID-Solutions2:Self-sovereign, Centralised or Privatised
We are in a very interesting historical moment where forces (and solid arguments) for centralization and forces (and solid arguments) for decentralization seem to hold each other in check. Without a clear vision on identity, society will have no agency since the capability to produce future value (data) is not under regional, nor national, nor international regulated control
-
Meet the eSSIF-Lab’s ecosystem: The Infrastructure Development Instrument second tranche winners NGI Community
2nd tranche winners are the following:
- Verifier Universal Interface by Gataca España S.L. – Building Standard APIs for Verifier components to enable SSI interoperability
- Automated data agreements to simplify SSI work flows by LCubed AB (operated under the brand iGrant.io) – Adopt SSI and make it consumable for both organisations and end-users
- Presentation Exchange - Credential Query Infra by Sphereon B.V. – Presentation Exchange Interop and Integration
- Letstrust.org by SSI Fabric GmbH – Self-Sovereign Identity for everyone: Enterprise & Consumer Cloud Wallet (OIDC-based), Credentials & SDKs as a basis for applications - free
- SSI Java Libraries by Danube Tech GmbH – Improving and completing a set of generic, open-source Java libraries for working with DIDs and VCs
- WordPreSSI Login by Associazione Blockchain Italia – SSI Login for every WordPress site
- NFC DID VC Bridge by Gimly – Enabling the use of NFC secure elements as DID and VC transport for off-line and online identity, authorizations and access management
- The eSSIF-Lab (European Self Sovereign Identity Framework) has announced the winners of two of its different calls for funding
- Infrastructure Development Winners including SICPA, Jolocom, Evernym, ValidatedID
- Business-Oriented Programme including Danube Tech, Domi, Jolocom
-
Verifiable Credentials Lifecycle - EBSI Documentation - CEF Digital European Commission
-
Why and how to make your digital wallet conformant with EBSI? European Commission
Creating EBSI's Verifiable Credentials Profile containing all the EBSI specifications.
- On-boarding legal entities flows clarifications - EBSI Documentation - CEF Digital European Commission
In this document, you can learn how to onboard and accredit the following legal entities
- EBSI Onboarding Service (EOS)
- Trusted Accreditation Organisation (TAO)
- Trusted Issuer (TI)
- The time for the eIDAS Bridge ValidatedID
if you wonder how many of us, users, can really take advantage of PKI for identifying ourselves on the internet, the answer is quite deceiving. This mature technology has been available for decades but has never become mainstream among the society for identifying end users.
In the graphic below we reorganised and regrouped the stakeholders to map the requirements for the eIDAS toolbox architecture onto a SSI framework (Self-Sovereign Identity framework).
Broadly, we at Evernym/Avast are impressed with the content and the underlying principles in the Framework. There’s a lot that we like, but there are also some areas of significant concern that need careful attention.
The uptake of eIDAS (facilitating cross-border acceptance of eIDs) is low relative to the technical capacity of states; only 15 of the 27 Member States able to fulfil the regulation’s requirements of accepting the eIDs of other Member States for public services.
The EU Commission did reflect on the effectiveness of the regulation in its Impact Assessment, and is developing a revision of it. There are multiple revision options being discussed, but thus far, the preferred option would establish a framework that provides citizens with optional use of a personal digital wallet
Governmental entities act as important intermediaries for many transactions occurring in today´s society.
In the era of misinformation, digital fraud has become a challenge that is essential to address.
Governments and the societies they serve need technology capable of verifying the authenticity of the information they handle.
As we build the European regulatory framework, in the transfer from paper to digital, a key question arises: how to share official documents, called ‘evidences’ or ‘credentials’ in a way that can be trusted?
-
Validated ID participates in a project to build the European Blockchain Services Infrastructure (EBSI) for the support of cross-border public services, an initiative created by the European Commission. EBSI is developing a strong and mature ecosystem that Validated ID is proud to be part of.
-
Announcing selection final phase eSSIF-Lab and maximum funding by the European Commission Work X
we have done extensive research & development into a use-case to let employees regain control over their career-related data. Therefore receiving the maximum development grant of €106.000 (funded by the European Commission) to bring our MVP into production.
- PCDS-DP - Product Circularity Data Sheets Digital Passport
- ESSIF 4 Logistics - SSI based authorization for cross- border government and business representatives in logistics
- Symfoni AS - Infrastructure to facilitate payments for verifiable credentials
- Datarella GmbH - Go Aries – Enabling CL-Support on Aries Framework Go
for the user interface, data storage, cryptographic protocols, sensitive cryptographic material and eID mean modules. "Requirements and Solution CNECT/LUX/2022/OP/0011"
We are glad to be among the first few along with @ValidatedID @danube @GATACA_ID @walt_id @DXCTechnology @CIMEA_Naric @identyum @ThalesDigiSec @posteitaliane
- An analysis of EU digital identity architecture and reference framework
- eIDAS 2.0: How Europe can define the digital identity blueprint for the world
The new proposal will pivot on some of the more key issues that held back the original framework. For example, instead of enforcing a single, rigid ID that openly reveals everything about an individual indefinitely, the eIDAS 2.0 structure can now potentially employ a flexible, self-sovereign identity (SSI) that puts control of all identifying information entirely into the hands of the end-users they pertain to, in both public and private partnership frameworks.
The information on Horizon Europe, EU Health, Digital Europe, Creative Europe, Digital Single Market, Citizens, Equality, Rights, and Values Programme were shared by the experts and also the representatives of the organizations that have project experience within the scope of these EU programs shared the achievements, outputs, challenges, lessons learned and cooperation processes with EU member states in the projects they implemented.
- [...]
Watch all the presentations from the event: 11 May 2022, 12 May 2022
EBSI
#1 EBSI combines W3C standards, Verifiable Credentials and DIDs, with blockchain technology for the purpose of information sharing between Citizens and Governments (C2G) or Businesses (C2B)
#2 Self-Sovereign Information Sharing should help verification, not control
#3 EBSI uses blockchain where it makes sense: to support the verification of Verifiable Crede
#4 EBSI contributes to an open market of SSI digital technologies and services
#5 EBSI successfully piloted Self-Sovereign Information Sharing in the education domain
- EBSI Explained European Commission
EBSI is a blockchain network of distributed nodes across Europe to support important applications. [...] Below you will find a series of publications that will walk you through the technologies that make it possible for Public Administrations and Businesses to easily verify and trust information received directly from Citizens (or Businesses). There are PDFs of each one:
- Verifiable Credentials Explained
- Verifiable Credentials in Action
- Decentralized Identifiers (DID) Methods
- Digital Identity
- Issuers Trust Model
- OpenID Connect for VCs
- Digital Wallet
EBSI: Innovation that respects our privacy is a joint effort
O’Neill’s Weapons of Math destruction, Zuboff’s Surveillance Capitalism, and Véliz’ recent Privacy is Power: these may have made it onto your summer reading list. And for good reason: wherever there is new technology, there is also concern for the respect of our European values.
Until now, the eIDAS regulation has only focused on online identification. However, the new proposal – eIDAS 2.0 – aims to extend identity to the world of physical services which can be accessed from anywhere around the globe.
- SSI subgrantee’s solutions booklet: download now! ESSIF-LAB ←report on all the NGI awardees (report
After a tough competition among overall excellent proposals, eSSIF-LAB selected the 4 most promising proposals out of 42 submitted applications. 161 applications were started altogether, from 22 different countries. This booklet gives an overview of the 4 Open Calls subgrantee projects started within the infrastructure-oriented and the business-oriented track of eSSIF-Lab.
The web is increasingly more distributed, and with it, a new pattern of information sharing is emerging: Self Sovereign Information sharing, where citizens stay in control of their information by choosing what and when to disclose it, and to whom EBSI enables self-sovereign Citizen-to-Government (C2G) and C2B (Citizen-to-Business) privacy-preserving information sharing.