One of the curious constructions of the Internet is the term identity provider. You don’t need anyone to provide you with an identity, of course. You have an innate one by virtue of being human. Rather, so-called identity providers, or IDPs, provide you with an identifier, a means of recording attributes important to that provider, and some method of proving it’s you – usually a password.
This is not surprising since online identity has traditionally been viewed through the lens of an organization and its needs, not the individual and his or her needs. Identity systems are created to administer identifiers and attributes within a specific domain. The result: people end up with hundreds of online personas at hundreds of organizations. Each of these administrative identity systems is proprietary and owned by the organization that provides it; you really don’t have an online identity that’s independent of these many systems. Got a new address, or an updated credit card number? You’ll have to deal with each of these systems one at a time in whatever manner they require.
But what if you could do that in one place at one time? Sure, Computerworld, Amazon, or whomever would still want to keep an account, and still need your updated address. But that account would be linked to an identity you provide. More importantly, it would be one you control.
Self-sovereign identiy explained
This concept is called self-sovereign identity. Self-sovereign identity starts with the notion that we all are the makers of our own identity, online and off. Because they do not rely on any centralized authority, self-sovereign identity systems are decentralized, mirroring the way identity works in real life.
Offline, our interactions flexibly support the use of attributes and credentials from numerous third parties, all presented by the very person they’re about, typically by taking those credentials out of a wallet or purse and presenting them to someone else to verify. For example, take a driver’s license. States issue it as a credential that you’re authorized to drive. But, it’s useful for a lot more. When you show up at a bar and the bartender wants proof you’re over 21, you show them your driver’s license.
Think about this for a minute and you’ll realized that this is a minor miracle, at least compared to how online identity works. The bar has no legal contract, business relationship, or technical integration with the Department of Motor Vehicles (DMV). They didn’t get anyone’s permission. They just started asking people for their license. The person they’re trying to verify gives them the credential. This works because the bar trusts the DMV to know your birthday. And the important information is packaged in a way that makes it easy to authenticate and difficult to forge.
The offline world makes use of decentralized credentials that are granted to and conveyed by the person they’re about. Identirati call these kind of third-party credentials claims – claims that can be verified as authentic even when they’re conveyed by the subject of the claim. These “verifiable claims” are the heart of self-sovereign identity.
Self-sovereignty doesn’t mean that you’re in complete control. But, it does define the borders within which you make decisions and outside of which you negotiate with others as peers. To continue the bar example, you get to decide what credential to present. The bar gets to decide what credentials it’ll accept. It doesn’t have to accept your driver’s license. If the bartender thinks it’s fake, he’ll reject it along with you.
The problem with online identities
Self-sovereign identity works great in real life, where we carry paper or plastic credentials with us; it’s been much harder to duplicate online. Online identity has suffered from five very real problems:
- The proximity problem: when you’re dealing with people at a distance, opportunities for fraud abound.
- The scale problem: online identity systems are based on business relationships and technical integrations to root trust authorities. All this is expensive and only done for high-value use cases.
- The flexibility problem: current identity systems are rigid, with fixed schema and use cases.
- The privacy problem: shared identifiers, like browser cookies, allow personal information to be accumulated and correlated behind our backs. Ongoing hacks convincingly show that big centralized stores of personal information are not safe.
- The consent problem: identity systems rely on universal identifiers like email addresses, phone numbers and even Social Security Numbers that make it easy for third parties to correlate behavior and keep tabs on people without their permission.
Self-sovereign identity systems solve these problems using decentralization and cryptography. Decentralized identity has been difficult because one of the core requirements of functional identity is discovery: if you give me an identifier, I need to look it up. In the past, this has always led to centralized directories, which led to centralized identity systems.
But blockchain has changed all that.
How blockchain can solve the identity dilemma
Self-sovereign identity systems use blockchains – distributed ledgers – so that decentralized identifiers can be looked up without involving a central directory. Blockchains don’t solve the identity problem by themselves, but they do provide a missing link that allows things we’ve known about cryptography for decades to suddenly be used. That allows people to prove things about themselves using decentralized, verifiable credentials just as they do offline.
To see how this works, consider our example of presenting your driver’s license to the bar. The DMV is the claim issuer and gives you, the claim holder, a digital representation of your driver’s license. The DMV uses keys linked to their decentralized identifier on the blockchain to sign the claim so that it is tamper-evident and anyone who gets it can validate that it was issued by the DMV. You have a wallet to hold your claims and can use keys linked to a decentralized identifier that you control on the blockchain to countersign the digital driver’s license. When the bar needs to see that you’re of legal age, you can present the digital driver’s license and the bar can verify that it hasn’t been changed, that the DMV issued it to you, and you’re the one presenting it. Everyone can use the blockchain to lookup decentralized identifiers and retrieve any associated public keys.
Of course, any organization or person can issue whatever claims they want; you’re free to store whatever claims you like in your wallet; and claim verifiers are able to choose what claims they trust. Decentralizing these choices ensures the flexibility necessary so that self-sovereign identity systems can be used for almost any purpose.
To be self-sovereign, an identity system must have certain key features:
- Persistent: An identity that can be taken away isn’t self-sovereign. Identifiers in a self-sovereign identity system are long-lived, non-reusable and owned by the person who creates them. People aren’t the only ones who need self-sovereign identities. Organizations and connected things also need them, and can use the same infrastructure as individuals.
- Peer-based: Sovereignty defines a border within which people have control and outside of which they interact with others as peers. People are in control of the relationships they form and the information they share, but others get to make the same choices. Self-sovereign identity systems aren’t client-server, but rather peer-to-peer.
- Privacy protecting: Self-sovereignty puts the person in control of how information is shared. Consequently, any identity system that doesn’t prevent correlation, minimize attribute disclosure, and provide for explicit consent puts people’s information at risk and removes it from their control.
- Portable: Self-sovereignty implies choice and control. Vendor lock-in destroys both. Identifiers and associated credentials must be portable and self-sovereign identity systems must be interoperable to protect choice and control.
Several self-sovereign identity systems exist now in various stages of development, including Sovrin, uPort and Veres One. Each of these supports decentralized, self-sovereign identity but differ in how claims are issued and presented.
Self-sovereign identity is a relatively new concept and is undergoing rapid changes. Standards for decentralized identifiers and verifiable claims are being developed to provide interoperability. Ultimately, these systems should promote human dignity and protect the basic human desire for self-determination. As Joe Andrieu writes: “When we build interconnected systems without a core understanding of identity, we risk inadvertently compromising human dignity. We risk accidentally building systems that deny self-expression, place individuals in harm’s way, and unintentionally oppress those most in need of self-determination.”
Implemented correctly, self-sovereign identity systems provide scalable, flexible, private interactions with consent despite the issues that distance introduces. More importantly, they support natural human activities without threatening the privacy or liberty of people who use them. This is a development we can all support.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.