Self-Sovereign Identity: Lightening Talk at RightsCon

Self-Sovereign Identity
Kaliya Young
Rights Con May 18, 2018

Long Time Ago in a Far Far away
Planetwork convened 50
Environmental Groups
at the Presidio in SF in1999
They asked how can we use the internet
to work together to solve
our environmentalcrises.

There were two answers - neither one was good.

Global Ecology and
Information Technology
2000

Building Identity and
Trust into the Next
Generation Internet
2003

Building Identity and
Trust into the Next
Generation Internet

Underlying this report is the assumption that every individual ought
to have the right to control his or her own online identity. You should
be able to decide what information about yourself is collected as part
of your digital profile, and of that information, who has access to
different aspects of it. Certainly, you should be able to read the
complete contents of your own digital profile at any time. An online
identity should be maintained as a capability that gives the user many
forms of control. Without flexible access and control, trust in the
system of federated network identity will be minimal.

A digital profile is not treated [by corporations who host
them] as the formal extension of the person it represents.
But if this crucial data about you is not owned by you,
what right do you have to manage its use?
A civil society approach to persistent identity is a
cornerstone of the Augmented Social Network project.

What are the
Protocols for People?

Internet Identity Workshop 2005

https://medium.com/evernym/the-three-models-of-digital-identity-relationships-ca0727cb5186
You get to have Different Accounts at Every single site you go to.

User
Relying Party
Identity Provider

FACEBOOK
Relying Party
Identity Provider
User

How can I own

my own

digital identity?

RENT-A
MYURL.COM
#
** Special NAME-SPACE
for People? **
How can people own their own ID? We had these choices

Presenting:
Self-Sovereign
Identity
I think we ﬁnally ﬁgured it out

Decentralized IDentiﬁer - DID
did:sov:3k9dg356wdcj5gf2k9bw8kfg7a
Method
Scheme
Method-Specific Identifier
Slide credit: Drummond Reed, Sovrin Foundation

Public
Key
cc2cd0ffde594d278c2d9b432f4748506a7f9f2
5141e485eb84bc188382019b6

047d599d4521480d9e1919481b024f29d2693f2
72d19473dbef971d7d529f6e9
Private 
Key
Public
Key
cc2cd0ffde594d278c2d9b432f4748506a7f9f2
5141e485eb84bc188382019b6

37
{ “Key”: “Value” }
DID
Decentralized
Identifier
DID Document
JSON-LD document
describing the
entity identified by
the DID

1. DID (for self-description)
2. Set of public keys (for verification)
3. Set of auth protocols (for authentication)
4. Set of service endpoints (for interaction)
5. Timestamp (for audit history)
6. Signature (for integrity)
38
The standard elements of a DID doc

Where does it go?
How can I ﬁnd it if its Decentralized?

41
Method DID prefix
Sovrin did:sov:
Bitcoin Reference did:btcr:
Ethereum uPort did:uport:
Blockstack did:stack:
Veres One did:v1:
IPFS did:ipld:
Active DID Method Specs

1. The syntax of the method-specific identifier
2. Any method-specific elements of a  
DID document
3. The CRUD (Create, Read, Update, Delete)
operations on DIDs and DID documents for
the target system
42
A DID Method spec defines…

In summary, a DID is…
1. A permanent (persistent) identifier
– It never needs to change
2. A resolvable identifier
– You can look it up to get metadata
3. A cryptographically-verifiable identifier
– You can prove ownership using cryptography
4. A decentralized identifier
– No centralized registration authority is required
43Slide credit: Drummond Reed, Sovrin Foundation

Back to the Humans
How can they use this?

DID Layer
The decentralized identity “stack”
Cloud Layer
Cloud Wallet Cloud Wallet
Cloud Agent Cloud Agent
Identity Owners
Edge Layer
Edge Wallet Edge Wallet
Edge Agent Edge Agent

Public-Private Cryptographic Keys
Public Key Infrastructure = PKI

DID Layer
Cloud Layer
Identity Owners
Edge Layer
Encrypted P2P Interaction

I get different DIDs for
different parts of my life

I get to prove things
about my self

The mission of the W3C Verifiable Claims Working Group:
Express credentials on the Web in
a way that is cryptographically
secure, privacy respecting, and
automatically verifiable.
Slide credit: Manu Sporny Veres One

Anatomy of a Verifiable Credential
Verifiable Credential
Issuer Signature
ClaimsClaimsClaims
Credential Identifier
Credential MetadataCredential MetadataCredential Metadata
57

Issuer
(Website)
Government, Employer,
etc.
Holder
(Digital Wallet /
Personal Data Store)
Citizen, Employee, etc.
Issue
Credentials
Verifiable Credentials Ecosystem

Issuer
(Website)
etc.
Verifier
(Website)
Company, Bank, etc.
Holder
(Digital Wallet /
Issue
Credentials
Present
Profiles

Decentralized Identifiers
(Identifiers are owned by individuals)
Issuer
(Website)
etc.
Verifier
(Website)
Company, Bank, etc.
Holder
(Digital Wallet /
Issue
Credentials
Present
Profiles

Decentralized Identifiers
(Identifiers are owned by individuals)
Blockchains / DHTs
(Decentralized Ledger)
Veres One, Sovrin, Bitcoin, Ethereum, etc.
Issuer
(Website)
etc.
Verifier
(Website)
Company, Bank, etc.
Holder
(Digital Wallet /
Issue
Credentials
Present
Profiles

Decentralized Identity Foundation

67
A simple standard way for a
DID owner to authenticate by
proving control of a  
private key
DID Auth is…

DID Layer
Identity Owners
Cloud Layer
Edge Layer
DID Auth

Bitcoin, 
Ethereum, IOTA, 
Veres One
Permissionless Permissioned
Public
Private
Validation
Access
Hyperledger Sawtooth*
Sovrin,
IPDB
Hyperledger (Fabric,
Sawtooth, Iroha), 
R3 Corda, 
CU Ledger
Blockchain Types / Governance
* in permissionless mode
71Slide credit: Drummond Reed, Sovrin Foundation

Four Emerging Open Standards for SSI
DID (Decentralized Identifier)
DKMS (Decentralized Key Management
System)
DID Auth
Verifiable Credentials

75
New ways to connect people and people
New tools to connect civil society.
Build real alternatives to Facebook
and Google.

Internet Identity Workshop
#27 October 23-25
Get Involved Building This Infrastructure
kaliya@identitywoman.net

Self-Sovereign Identity: Lightening Talk at RightsCon

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Self-Sovereign Identity: Lightening Talk at RightsCon

Similar to Self-Sovereign Identity: Lightening Talk at RightsCon (20)

More from Kaliya "Identity Woman" Young

More from Kaliya "Identity Woman" Young (16)

Recently uploaded

Recently uploaded (20)

Self-Sovereign Identity: Lightening Talk at RightsCon