14 KiB
title | permalink |
---|---|
What is Decentralized Identity? and Digital ID Fundamentals. | /getting-started/ |
What is Decentralized ID?
The essence of Decentralized-ID is in creating open standards for a privacy preserving internet-wide identity layer — not owned by any one particular organization, but interoperable between all.
It's impossible to have a conversation about decentralized-id without discussing blockchain, self sovereign identity, standardization and frameworks, along with global privacy and digital identifiction regulations:
- Cryptographers, privacy advocates and digital identity enthusiasts laid the foundation by deeply considering the privacy implications of identification practices in the electronic world.
- Self Sovereign Identity principles emerged from their work, gathering momentum as the digital age began to settle in.
- The European Union's GDPR enlarged the global conversation around digital privacy practices, lending much weight to the SSI credo.
- The United Nations Sustainable Development Goals (SDGs) have also fueled efforts towards a global and widely accessible identity solution.
- Satoshi Nakamoto released Bitcoin, proving the concept of digital scarcity in the form of a decentralized peer-to-peer (P2P) currency, inspiring leaders in every industry to integrate it's features to their business models.
- At the same time, Decentralized web and P2P technologists have also lent strength to Decentralized Identity efforts.
- Collectively arrived at solutions are trending towards congruence with the spirit of innovation, privacy concerns, and compliance within the evolving global regulatory landscape.
Getting Started with Decentralized ID
- The Laws of Identity
- A Technology‐Free Definition of Self‐Sovereign Identity for the third Rebooting Web of Trust DesignShop October 2016
- The Case for Decentralized Identity
The Internet was created without any way to identify the people who used it. The Internet was a network of machines. Consequently, all the identity in Internet protocols is designed to identify machines and services. People used the Internet through some institution (their company or university) and were part of that institution's administrative identity system. This can still be seen in the format of email addresses that identify both recipient and sender as someone@someplace. As the Internet grew to include people who weren't formally associated with an institution, every Web site and service created their own administrative identity domains. The result is the fractured plethora of identifiers, policies, and user experiences that constitute digital identity in 2019.
Abstract The desire for increased control over our identity has catapulted the idea of “self‐sovereign identity” into the forefront of digital identity innovation, yet the term lacks a rigorous definition beyond specific technical implementations1. This paper explores what self‐sovereign identity means independent of technology: what people need from independent identity capabilities. I want to understand how such a system enables both individuals whose identities are in play (subjects), as well as those who use those “identities” to correlate interactions across contexts (observers). I start with grounding individual sovereignty in the Enlightenment and identity in its core function of correlation, then propose core characteristics of a self‐sovereign identity system. My eventual goal is to model the technology‐independent requirements of a self‐sovereign solution suitable for realizing UN Sustainable Development Goal 16.9: “Providing every last person on the planet with a legal identity by 2030.”
We cannot decentralize many interesting systems without also decentralizing the identity systems upon which they rely. We're finally in a position to create truly decentralized systems for digital identity.
The evolution of online identity:
— Tykn (@Tykn_tech) October 27, 2020
1. Siloed Identity: All services hold your data.
2. Federated Identity: Brokers hold your data.
3. Self-Sovereign Identity: You hold your data.
- The Path to Self-Sovereign Identity
- The Inevitable Rise of Self-Sovereign Identity
- The Need for Good Digital ID is Universal
- The Rising Tide of Decentralized Identity - Decentralized Identity Foundation
Self-sovereign identity is the next step beyond user-centric identity and that means it begins at the same place: the user must be central to the administration of identity. That requires not just the interoperability of a user’s identity across multiple locations, with the user’s consent, but also true user control of that digital identity, creating user autonomy. To accomplish this, a self-sovereign identity must be transportable; it can’t be locked down to one site or locale.
This lack of secure, portable, user-controlled identity has some dire consequences. It means that a person’s identity and personal data only exists within the context of each specific website or application he or she uses. Stop using the site or application and the person’s digital existence is meaningless. And a user’s control over their identity and data must be exerted on a site-by-site, app-by-app basis.
The ability to prove who you are is a fundamental and universal human right. Because we live in a digital era, we need a trusted and reliable way to do that both in the physical world and online.
Creating a unified decentralized identity ecosystem requires addressing a set of fundamental user needs and technical challenges:
- Enabling registration of self-sovereign identifiers that no provider owns or controls.
- The ability to lookup and discover identifiers and data across decentralized systems.
- Providing a mechanism for users to securely store sensitive identity data, and enabling them to precisely control what is shared with others.
More on Decentralized \ Self Sovereign Identity
Literature
Self Sovereign Identity
Digital Identity 101
If you're looking to freshen up on your digital identity fundamentals, the following resources will be a good place to start.
- Guide to Digital Identity — Part 1 - Deepak Gupta
- What is Digital Identity?
- Difference Between Authentication and Authorization
- What is Identity and Access Management and Why is it a Vital IT Security Layer?
Are you curious about the Digital Identity Ecosystem? If you have been looking for a good, reliable and easy-to-understand source of information and haven’t had any luck, then this article is for you.
The Sapir–Whorf Hypothesis, also known as the principle of linguistic relativity, posits that language constructs our reality and worldview. While the hypothesis has been contested over the years, language is unarguably fundamental to the models of the world we build in our heads — and in our systems.
What is the difference between authentication (authN) versus authorization (authZ)? While these two fundamental security terms are often confused with each other, the only real similarity is they both begin with the letter “A” and are linked by an account. In concept, one verifies the account (authentication) and the other sanctions (authorization) the account to perform a task. Because these terms are so fundamental, it’s crucial to understand the difference between them, and the implications for each when the concepts are blended
Identity and Access Management (IAM), also called identity management, refers to the IT security discipline, framework, and solutions for managing digital identities. Identity management encompasses the provisioning and de-provisioning of identities, securing and authentication of identities, and the authorization to access resources and/or perform certain actions. While a person (user) has only one singular digital identity, they may have many different accounts representing them. Each account can have different access controls, both per resource and per context.
Video
- IDPro Member Presentations - Identiverse 2019](https://idpro.org/member-present) - [playlist
- 2019 - Introduction to Identity Part 1 - Identiverse
This workshop — provided by IDPro — will provide a comprehensive (and fun) introductory view of the identity world that will give participants a solid understanding of IAM’s foundations. Part 1 of this 2-part class begins with the basics like directories, identity proofing, provisioning, authentication (including multi-factor), authorization, as well as federation technologies like SAML, OAuth, and OpenID Connect. In Part 2, we build on those foundational technologies to explain PKI & digital certificates, privileged access management, identity for IoT, identity assurance, privacy issues, identity standards organizations, and even known attack vectors.
- Introduction to Identity Part 2 - June 25 - Identiverse 2019
- Modern Identity for Developers 101 - June 25 - Identiverse 2019
Modern identity promises to solve some of the thorniest problems that historically plagued handling authentication and access control in applications. That sounds great in theory, but how do thinks really look like when the rubber hits the road – what does it take to incorporate modern identity in your applications development practice? Come to this session to learn the basis of modern identity development and be better equipped to understand and participate to the session in this year’s Identiverse development track.
- An Introduction to Mobile Identity - June 25 - Identiverse 2019
- 2019 - Introduction to Identity Part 1 - Identiverse
Glossaries
Resources
- SSI Meetup [**ϟ**] [**V**]
- IIW-Wiki
- wiki.idcommons.net
- WebOfTrustInfo
- peacekeeper/blockchain-identity
- identitywoman.net
- windley.com/tags/identity
- Kim Camerons Identity Blog
- karimStekelenburg/awesome-self-sovereign-identity