Blockchain for Decentralized Identity — Self-Sovereign Identity De-mystified
In the blog series Blockchain for Decentralized Identity, I will cover a range of topics, starting with an introduction to Self-Sovereign Identity and a Conceptual Architecture, followed by more information on each of the four layers of the architecture. Next, I will write about the Decentralized Identity Industry Standards and dApps (Decentralized Applications). Future posts will cover the art of the possible for Decentralized Identity, one of the most promising use cases for Blockchain technology. Each subsequent blog post builds on the ideas and concepts of the previous one, so I suggest that you read them in the sequence posted. In each section, refer to the Glossary for an explanation of terms and References.
From Centrally Controlled Identity to Self-Sovereign Identity
Today our identities are owned by multiple central authorities or organizations. They can be easily stolen in physical or digital forms. These central authorities correlate our data across multiple platforms, sometimes without our knowledge or consent, to learn and profit from our online behavior, which is a breach of our privacy. Personal data that is stored on platforms can get hacked, resulting in identity theft. There is no control over what data is shared when we need to provide some proof of our claims. We over-share data by handing over the full physical document instead of only providing proof of a requested claim. We don’t own what we are, know, and have. It is out there on the internet, is used, and possibly misused. Once we are victims of identity theft, it can take years to get control of our identities, or sometimes we never do.
Web 3.0 presents a promise to address the above issues with Identity. The term Web 3.0 refers to a decentralized internet that uses crypto tokens. Decentralization is at the heart of Web 3.0, which has the potential to democratize technology and put the users in control of their data. It displaces a centralized model where companies providing services are in control. Always-on services on Web 3.0 are provided and consumed via a user-controlled Digital Wallet enabled by blockchain technologies.
From insecure physical documents to decentralized identity
The advent of the blockchain presents the opportunity to move from a centralized to a decentralized model for managing one’s identity. The adoption of decentralized IDs will be accelerated with the movement away from the use of physical documents for proof of one’s identity to complete a transaction. Only data required to complete a transaction can be shared instead of entire documents. With the blockchain as the underlying infrastructure, the verification process is always on. Personal data is never stored in a central server; hence, data breaches are reduced. Self-Sovereign Identity is a new concept that addresses the above problems by putting autonomy in the hands of the user.
Principles of Self-Sovereign Identity
The 10 principles of Self-Sovereign Identity are:
1. Decentralization: No central authority can control an entity’s identity or how the data is stored, used, or verified.
2. Access: An identity holder has access to participate in the ecosystem of their own free will. No one is excluded or discriminated against unless they fail to comply with governance rules.
3. Existence: Allows an entity (person, organization, or thing) to be represented using multiple identifiable credentials and their associated data with claims. The data associated with the identity is immutable.
4. Control: The entity is in control of their identity: what they know, own, and have. The user decides what data they share, with whom, when, and how it is used.
5. Transparency: Stakeholders in the ecosystem can access and verify data required to complete a transaction, within the established policies and legal rules under which the stakeholders operate.
6. Interoperability: Use of open standards for decentralized identity data that enables it to be represented, exchanged, stored, protected, and verified.
7. Portability: The identity holder can transfer their digital data to any provider of services of their choice. They are not locked into a platform provided by a service provider.
8. Consent: Transactions are executed with consent from the identity holder, whether it is for data that is issued to the entity or data that is shared with others, for example, verifiers.
9. Minimization: Only share information that is necessary to complete a transaction. This is also referred to as Zero-Knowledge Proof. For example, to enter a bar, one needs to only prove that one is above 21 years of age and not show one’s driver’s license with other information. This protects the privacy of the entity.
10. Security: The identity owner is empowered to secure their data at rest and in motion using cryptography and encryption for all stages of transactions.
The next blog will cover a high-level overview of the Conceptual Architecture for Decentralized Identity on Blockchain.
Glossary:
Credential:
An attestation of qualification, or authority that is issued by an entity. It can contain multiple claims. For example, a driver’s license is a credential that has multiple claims such as name, date of birth, address…
Entity:
A person, organization, or thing
Self-Sovereign Identity (SSI):
A decentralized way to manage the identity of an entity, built on the principles of transparency, interoperability, portability, and consent from the owner, who controls what they own, know, and have.
Zero-Knowledge Proof:
Contains claims or attributes that prove something about an entity without exposing correlatable information about them.
LinkedIn: https://www.linkedin.com/in/anitarao/
Twitter: @anitaprao