decentralized-id.github.io/_posts/2020-01-10-getting-started.md
2020-11-20 03:33:49 -05:00

14 KiB
Raw Blame History

title permalink toc last_modified_at
What is Decentralized Identity? and Digital ID Fundamentals. /getting-started/ false 2020-11-02

What is Decentralized ID?

The essence of Decentralized-ID is in creating open standards for a privacy preserving internet-wide identity layer — not owned by any one particular organization, but interoperable between all.

It's impossible to have a conversation about decentralized-id without discussing blockchain, self sovereign identity, standardization and frameworks, along with global privacy and digital identifiction regulations:

  • Cryptographers, privacy advocates and digital identity enthusiasts laid the foundation by deeply considering the privacy implications of identification practices in the electronic world.
  • The European Union's GDPR enlarged the global conversation around digital privacy practices, lending much weight to the SSI credo.
  • The United Nations Sustainable Development Goals (SDGs) have also fueled efforts towards a global and widely accessible identity solution.
  • Satoshi Nakamoto released Bitcoin, proving the concept of digital scarcity in the form of a decentralized peer-to-peer (P2P) currency, inspiring leaders in every industry to integrate it's features to their business models.
  • At the same time, Decentralized web and P2P technologists have also lent strength to Decentralized Identity efforts.
  • Collectively arrived at solutions are trending towards congruence with the spirit of innovation, privacy concerns, and compliance within the evolving global regulatory landscape.

Getting Started with Decentralized ID

  • The Laws of Identity
  • The Internet was created without any way to identify the people who used it. The Internet was a network of machines. Consequently, all the identity in Internet protocols is designed to identify machines and services. People used the Internet through some institution (their company or university) and were part of that institution's administrative identity system. This can still be seen in the format of email addresses that identify both recipient and sender as someone@someplace. As the Internet grew to include people who weren't formally associated with an institution, every Web site and service created their own administrative identity domains. The result is the fractured plethora of identifiers, policies, and user experiences that constitute digital identity in 2019.
  • A TechnologyFree Definition of SelfSovereign Identity for the third Rebooting Web of Trust DesignShop October 2016
  • Abstract The desire for increased control over our identity has catapulted the idea of “selfsovereign identity” into the forefront of digital identity innovation, yet the term lacks a rigorous definition beyond specific technical implementations1. This paper explores what selfsovereign identity means independent of technology: what people need from independent identity capabilities. I want to understand how such a system enables both individuals whose identities are in play (subjects), as well as those who use those “identities” to correlate interactions across contexts (observers). I start with grounding individual sovereignty in the Enlightenment and identity in its core function of correlation, then propose core characteristics of a selfsovereign identity system. My eventual goal is to model the technologyindependent requirements of a selfsovereign solution suitable for realizing UN Sustainable Development Goal 16.9: “Providing every last person on the planet with a legal identity by 2030.”
  • The Case for Decentralized Identity
  • We cannot decentralize many interesting systems without also decentralizing the identity systems upon which they rely. We're finally in a position to create truly decentralized systems for digital identity.

The evolution of online identity:

1. Siloed Identity: All services hold your data.

2. Federated Identity: Brokers hold your data.

3. Self-Sovereign Identity: You hold your data.

— Tykn (@Tykn_tech) October 27, 2020
  • The Path to Self-Sovereign Identity
  • Self-sovereign identity is the next step beyond user-centric identity and that means it begins at the same place: the user must be central to the administration of identity. That requires not just the interoperability of a users identity across multiple locations, with the users consent, but also true user control of that digital identity, creating user autonomy. To accomplish this, a self-sovereign identity must be transportable; it cant be locked down to one site or locale.
  • The Inevitable Rise of Self-Sovereign Identity
  • This lack of secure, portable, user-controlled identity has some dire consequences. It means that a persons identity and personal data only exists within the context of each specific website or application he or she uses. Stop using the site or application and the persons digital existence is meaningless. And a users control over their identity and data must be exerted on a site-by-site, app-by-app basis.
  • The Need for Good Digital ID is Universal
  • The ability to prove who you are is a fundamental and universal human right. Because we live in a digital era, we need a trusted and reliable way to do that both in the physical world and online.
  • The Rising Tide of Decentralized Identity - Decentralized Identity Foundation
  • Creating a unified decentralized identity ecosystem requires addressing a set of fundamental user needs and technical challenges:

    - Enabling registration of self-sovereign identifiers that no provider owns or controls.
    - The ability to lookup and discover identifiers and data across decentralized systems.
    - Providing a mechanism for users to securely store sensitive identity data, and enabling them to precisely control what is shared with others.

{% include video id="DaM0UtQTLCs" provider="youtube" %}

More on Decentralized | Self Sovereign Identity

Digital Identity 101

If you're looking to freshen up on your digital identity fundamentals, the following resources will be a good place to start.

  • Guide to Digital Identity — Part 1 - Deepak Gupta
  • Are you curious about the Digital Identity Ecosystem? If you have been looking for a good, reliable and easy-to-understand source of information and havent had any luck, then this article is for you.
  • What is Digital Identity?
  • The SapirWhorf Hypothesis, also known as the principle of linguistic relativity, posits that language constructs our reality and worldview. While the hypothesis has been contested over the years, language is unarguably fundamental to the models of the world we build in our heads — and in our systems.
  • Difference Between Authentication and Authorization
  • What is the difference between authentication (authN) versus authorization (authZ)? While these two fundamental security terms are often confused with each other, the only real similarity is they both begin with the letter “A” and are linked by an account. In concept, one verifies the account (authentication) and the other sanctions (authorization) the account to perform a task. Because these terms are so fundamental, its crucial to understand the difference between them, and the implications for each when the concepts are blended
  • What is Identity and Access Management and Why is it a Vital IT Security Layer?
  • Identity and Access Management (IAM), also called identity management, refers to the IT security discipline, framework, and solutions for managing digital identities. Identity management encompasses the provisioning and de-provisioning of identities, securing and authentication of identities, and the authorization to access resources and/or perform certain actions. While a person (user) has only one singular digital identity, they may have many different accounts representing them. Each account can have different access controls, both per resource and per context.

Video

  • IDPro Member Presentations - Identiverse 2019 - playlist
    • 2019 - Introduction to Identity Part 1 - Identiverse

      This workshop — provided by IDPro — will provide a comprehensive (and fun) introductory view of the identity world that will give participants a solid understanding of IAMs foundations. Part 1 of this 2-part class begins with the basics like directories, identity proofing, provisioning, authentication (including multi-factor), authorization, as well as federation technologies like SAML, OAuth, and OpenID Connect. In Part 2, we build on those foundational technologies to explain PKI & digital certificates, privileged access management, identity for IoT, identity assurance, privacy issues, identity standards organizations, and even known attack vectors.

    • Introduction to Identity Part 2 - June 25 - Identiverse 2019
    • Modern Identity for Developers 101 - June 25 - Identiverse 2019

      Modern identity promises to solve some of the thorniest problems that historically plagued handling authentication and access control in applications. That sounds great in theory, but how do thinks really look like when the rubber hits the road what does it take to incorporate modern identity in your applications development practice? Come to this session to learn the basis of modern identity development and be better equipped to understand and participate to the session in this years Identiverse development track.

    • An Introduction to Mobile Identity - June 25 - Identiverse 2019

Glossaries

Resources


Next History

Check out our history section for additional background info on the decades-long quest for decentralized identity.