Multi-Source and Self-Sovereign Identity

Summary: Self-sovereign identity is multi-source, but not all multi-source identity systems are self-sovereign. Self-sovereignty requires that people and organizations have control of their credentials and interact as peers.

A Wallet Holding Credentials

The world is full of credentials. Some, like a driving license, an employee ID card, a passport, or a university diploma are widely recognized as such. But many other things are also credentials: a store receipt, a boarding pass, or a credit score, for example. Credentials, designed properly, allow verifiable data to be employed in workflows without centralized hubs, point-to-point integrations, or real-time communication between the various players. Credentials enable decentralized, asynchronous workflows.

The Issuer/Holder/Verifier Trust Triangle
The Issuer/Holder/Verifier Trust Triangle

Multi-source identity (MSI) allows multiple credentials from multiple providers to be brought to bear, flexibly and conveniently, in a situation where trusted attestations are needed for the participants in a workflow to make progress. In MSI, there are three players: credential issuers, credential holders, and Continue reading "Multi-Source and Self-Sovereign Identity"

You’ve Had an Automobile Accident: Multi-Source Identity to the Rescue

Summary: The real world is messy and unpredictable. Creating an identity system that is flexible enough to support the various ad hoc scenarios that the world presents us with can only be done using a decentralized system like Sovrin that allows multiple credentials from various authorities to be shared in the ways the scenario demands.

Car crash scene with police nobody hurt

Earlier I wrote about the idea of multi-source identity that allows multiple authorities to make assertions about people, organizations, and things that can be verified. Multi-source identity becomes self-sovereign identity when the individual is able to control those assertions and use them in a privacy-preserving manner whenever and where ever they want.

Recently Joe Andrieu gave a presentation about the role of multiple assertions in a real-life situation—an automobile accident. As I listened, I thought it was an excellent example because it showed clearly the power of being able to bring multiple, independent credentials to

Credential Uses in a Car Accident
Continue reading "You’ve Had an Automobile Accident: Multi-Source Identity to the Rescue"

The Sovrin Foundation

Summary: This article describes the role that the Sovrin Foundation and associated groups play in governing, operating, and using the Sovrin Network. The Sovrin Network is designed and intended to be decentralized so understanding the key influence points and community groups is important.

Freifunk Mesh

In Decentralized Governance in Sovrin, I wrote:

The Sovrin Network is a global public utility for identity that we all own, collectively, just like we all own the Internet.

When I say Sovrin is "public," I mean that it is a public good that anyone can use so long as they adhere to the proper protocols, just like the Internet. Sovrin is created through the cooperation of many people and organizations. Enabling that cooperation requires more than luck. In Coherence and Decentralized Systems, I wrote:

Public spaces require coherence. Coherence in Sovrin springs from the ledger, the protocols, the trust framework, standards, and market incentives.

Continue reading "The Sovrin Foundation"

Exploring Self-Sovereign Identity in India

Summary: I spent almost two weeks talking with people about self-sovereign identity in Switzerland and India. I'm more excouraged than ever that self-sovereign identity holds the key to real change in how we live our digital lives with security, privacy, and dignity.

Visiting a fertilizer distribution center near Vijayawada to see Aadhaar in action

I'm just finishing up my travel to Switzerland and India to talk about self-sovereign identity. The trip was amazing and full of interesting and important conversatons.

The TechCrunch event in Zug was very good. I was skeptical of a one-day conference with so much happening in a short time, but thanks to great preparation by those running the show and all the participants, it exceeded my expectations in every way. I spoke on a panel with Sam Cassatt of and Guy Zyskind from Enigma. Samantha Rosestein was the moderator.

But it was the conversations I had with people at the event that really made it interesting. Self-sovereign identity Continue reading "Exploring Self-Sovereign Identity in India"

Identity and India

Summary: In July I'll be circling the globe to talk about self-sovereign identity and learn about how others are approaching and using it.

Aadhaar enrollment drive ar Bareilly, UP, India

The first half of July I'm going to be on the road speaking about self-sovereign identity in Switzerland and at two events in India. This is my first time in Switzerland and India, so I'm looking forward to the trip and meeting lots of interesting people.

The event in Zug is the TC Sessions: Blockchain 2018 event on July 6th. I'll be speaking on self-sovereign identity in an afternoon session.

There are two events the following week in India. The first is the IEEE-SA InDITA Conference in Bangalore on July 10-11. DITA stands for "Digital Inclusion through Trust and Agency" and I like that theme. The Internet Identity Workshop organizers, Kaliya Young, Doc Searls, Heidi Saul, and myself, are helping organize this event, so it will be Continue reading "Identity and India"

Multi-Source Identity

Summary: Multi-source identity systems like Sovrin enabled richer digital identity transactions that mirror the decentralized, ad hoc nature of identity in the physical world.

Audio Mixer

In the physical world, people collect and manage identity credentials1 from various sources including governments, financial institutions, schools, businesses, family, colleagues, and friends. They also assert information themselves. These various credentials serve different purposes. People collect them and present them in various contexts. When presented, the credential verifier is free to determine whether to trust the credential or not.

Online, identity doesn't work that way. Online identity has traditionally been single-source and built for specific purposes. Online, various, so-called "identity providers" authenticate people using usernames and passwords and provide a fixed, usually limited set of attributes about the subject of the identity transaction. The identity information from these systems is usually used within a specific, limited context. Social login allows it to be used across Continue reading "Multi-Source Identity"

Coherence and Decentralized Systems

Summary: Building decentralized systems requires more than defining a few specifications and hoping for the best. In order to thrive, decentralized systems need coherence, the social organization necessary to get otherwise independent actors to cooperate.

Coherence in Chaos

We take the Internet for granted, not realizing that such a global, decentralized system is a rare thing. Protocols, rightly, get credit, but they alone are insufficient. TCP/IP did not create the Internet. The Internet is not just a set of protocols, but rather a real thing. People and organizations created the Internet by hooking real hardware and communication lines together. To understand the importance of this, we need to understand what's necessary to create social systems like the Internet.

Social systems that are enduring, scalable, and generative require coherence among participants. Coherence allows us to manage complexity. Coherence is necessary for any group of people to cooperate. The coherence necessary to create the Internet Continue reading "Coherence and Decentralized Systems"

Building Your Business on Sovrin: Domain-Specific Trust Frameworks

Summary: A domain-specific trust framework is a collection of policies, legal agreements and technologies that provides the context for claims in a given domain. Sovrin Foundation provides a structure and supporting systems for groups defining trust frameworks. This post describes how domain-specific trust frameworks function.

Working in a Framework

In Decentralized Governance in Sovrin, I described how the Sovrin Network is governed. The centerpiece of that discussion is the Sovrin Trust Framework. The trust framework serves as the constitution for Sovrin, laying out the principles upon which Sovrin is governed and the specific requirements for various players in the Sovrin Ecosystem.

In A Universal Trust Framework, I say “a trust framework provides the structure necessary to leap between the known and unknown.” The idea is that online we often lack the necessary context to reduce the risk around the decisions we make. A trust framework defines that context using agreement, process,

Claim Issuing and Presenting
Continue reading "Building Your Business on Sovrin: Domain-Specific Trust Frameworks"

What We Learn about Self-Sovereignty from CryptoKitties

Summary: CryptoKitties are a useful example of digital ownership and self-sovereignty except for one small flaw.

Late last year CryptoKitties burst into the blockchain world. If you haven't been paying attention, CryptoKitties is a Web site that uses a browser-based wallet (MetaMask) to sell (for Ether) little virtual kitties. Once you have a kittie, you can breed it with others, to create new kitties. Each one is a unique individual created with some genetic algorithm. Some Gen 0 or Gen 1 kitties have sold for ridiculous amounts of money. If you were around in the 90's when the Web was taking off, think Beanie Babies meets Blockchain and you'll get the idea1.

Except it's a little more interesting than Beanie Babies ever were because each CryptoKittie is really a non-fungible token on the Ethreum blockchain. This means each kittie has some interesting properties:

Sovrin Foundation Welcomes Nathan George

Summary: Hiring a full time CTO is a big step for the Sovrin Foundation. I'm excited Nathan is joining us.

The Sovrin Foundation is excited to announce that we have hired of Nathan George as our Chief Technology Officer. Nathan was previously Chief Architect at Evernym, Inc. He has been instrumental in maintaining the Hyperledger open-source Project Indy, which is sponsored by the Sovrin Foundation. Nathan comes with a wealth of experience that will help Sovrin thrive and reach its full potential.

I’m very excited to have Nathan join the foundation. The Sovrin Foundation is much more than an advocacy organization for self-sovereign identity. As I wrote in Decentralized Governance in the Sovrin Foundation, the foundation exists to administer the Sovrin Trust Framework and a significant aspect of that entails designing and implementing protocols, managing Project Indy, and supporting the Sovrin Stewards in their operation of the network nodes. These Continue reading "Sovrin Foundation Welcomes Nathan George"

Decentralized Governance in Sovrin

Summary: Decentralized systems require governance to function well. Ideally this governance should be clear, open, and effective without impacting the decentralized nature of the system. This post describes the governance of the Sovrin network. Our approach is a constitutional model based on an agreement we call the Sovrin Trust Framework that informs and guides everything from code development to the responsibilities of the various actors in the system. The Sovrin Trust Framework enables decentralized governance of the Sovrin network.

Marc Hulty defines governance as "the processes of interaction and decision-making among the actors involved in a collective problem that lead to the creation, reinforcement, or reproduction of social norms and institutions." From this we can conclude that everything gets governed, the question is whether governance is ad hoc or formal, explicit or implicit.

One of the ironies of decentralized systems is that they require better governance than most centralized Continue reading "Decentralized Governance in Sovrin"

Decentralized Governance

Summary: Decentralized systems require governance to function well. Ideally this governance should be clear, open, and effective without impacting the decentralized nature of the system. This post describes the governance of the Sovrin network. Our approach is a constitutional model based on an agreement we call the Sovrin Turst Framework that informs and guides everything from code development to the responsibilities of the various actors in the system.

Marc Hulty defines governance as "the processes of interaction and decision-making among the actors involved in a collective problem that lead to the creation, reinforcement, or reproduction of social norms and institutions." From this we can conclude that everything gets governed, the question is whether governance is ad hoc or formal, explicit or implicit.

One of the ironies of decentralized systems is that they require better governance than most centralized systems. Centralized systems are often governed in an ad hoc way Continue reading "Decentralized Governance"

Announcing the Sovrin Whitepaper

Summary: The Sovrin whitepaper is now available. Identity in real life is much richer than online identity, flexibly and conveniently solving all kinds of thorny problems. Now with Sovrin, we can bring those rich identity transactions online. This paper shows how that happens and why it will impact every sector of the Internet in significant ways. I hope you'll spend some time reading it.

Sovrin Logo

I'm very pleased to announce that the Sovrin whitepaper is now available. The whitepaper pulls together in one place detailed information about why Sovrin exists, what Sovrin is, and how it will impact nearly every aspect of your online life. Here's the abstract:

Digital identity is one of the oldest and hardest problems on the Internet. There is still no way to use digital credentials to prove our online identity the same way we do in the offline world. This is finally changing. First, the World Continue reading "Announcing the Sovrin Whitepaper"

Secure Pico Channels with DIDs

Summary: Decentralized identifiers are a perfect complement to the event channels in picos and provide the means of performing secure messaging between picos with little effort on the developer's part.

Encryption Flow

Picos are Internet-first actors that are well suited for use in building decentralized soutions on the Internet of Things. See this description of picos for more details.

Picos send an receive messages over channels. Each channel has a non-correlatable identifier, called an ECI. Because picos can have as many channels as they like, you can use them to prevent correlation of the pico's identity without the pico's participation.

When two picos exchange ECIs to create a relationship, we call that a subscription. Wrangler, the pico operating system, supports creating and using subscriptions. Subscriptions allow picos to use peer-to-peer, graph-based interaction patterns. From a given pico's perspective, it has an inbound channel to receive messages (the Rx channel) and an outbound Continue reading "Secure Pico Channels with DIDs"

Fixing the Five Problems of Internet Identity

Summary: Sovrin capitalizes on decades of cryptographic research and the now widespread availability of decentralized ledger technology to rethink identity solutions so that we can have scalable, flexible, private interactions with consent despite the issues that distance introduces.

Credential Exchange

Andy Tobin has a great presentation that describes five problems of Internet identity. Our claim is that self-sovereign identity, and Sovrin in particular, solve these five problems:

The Proximity Problem—The proximity problem is as old as the familiar cartoon with the caption "On the Internet, nobody knows you're a dog." Because we're not interacting with people physically, our traditional means of knowing who we're dealing with are useless. In their place we've substituted username-password-based authentication schemes. The result is that people's identity information is replicated in multiple identity silos around the Internet.

The Scale Problem—Digital identity currently relies on hubs of identity information. We login using Facebook or Google—huge Continue reading "Fixing the Five Problems of Internet Identity"

Is Sovrin Decentralized?

Summary: To determine whether Sovrin is decentralized, we have to ask questions about the purpose of decentralization and how Sovrin supports those purposes.

People sometimes ask "Is Sovrin decentralized?" given that it relies on a permissioned ledger. Of course, the question is raised in an attempt to determine whether or not an identity system based on a permissioned ledger can make a legitimate claim that it's self-sovereign. But whether or not a specific system is decentralized is just shorthand for the real questions. To answer the legitimacy question, we have to examine the reasons for decentralization and whether or not the system in question adequately addresses those reasons.

This excellent article from Vitalik Buterin discusses the meaning of decentralization. Vitalik gives a great breakdown of different types of decentralization, listing architectural decentralization, political decentralization, and logical decentralization.

Of these, logically decentralized systems are the most rare. Bitcoin and other Continue reading "Is Sovrin Decentralized?"

The 10-Year Platform: Shutting Down KRE

Summary: The original pico engine, KRE, is no more. But the ideas and capabilities of the platform live on in the new pico engine.

A few years ago, I announced on this blog that Kynetx was done. But the platform we'd created, the Kynetx Rules Engine, or KRE, lived on. Today I am annoucing that KRE is dead too. We shut it down last week.

Despite the demise of Kynetx, the platform continued to be open and available. Fuse was still running on it and my students were using it for class and research. But Fuse stopped working for good last spring when the MVNO we were using to process cellular data from the car devices shut down. And the new pico engine is working so well that we use it for everything now.

KRE was started in 2007 and envisioned as a cloud-based programming platform for events. While we Continue reading "The 10-Year Platform: Shutting Down KRE"

Equifax and Correlatable Identifiers

Summary: We can avoid security breachs that result in the loss of huge amounts of private data by creating systems that don't rely on correlatable identifiers. Sovrin is built to use non-correlatable identifiers by default while still providing all the necessary functionality we expect from an identity system.

Yesterday word broke that Equifax had suffered a data breach that resulted in 143 million identities being stolen. This is a huge deal, but not really too shocking given the rash of data breaches that have filled the news in recent years.

The typical response when we hear about these security problems is "why was their security so bad?" While I don't know any specifics about Equifax's security, it's likely that their security was pretty good. But the breach still occurred. Why? Because of Sutton's Law. When Willie Sutton was asked why he robbed banks, he reputedly said "cause that's where Continue reading "Equifax and Correlatable Identifiers"

Sovrin Self-Sustainability

Summary: For Sovrin to become a global, public utility that helps everyone create and manage self-sovereign identities, it must be independent and self-sustaining. This post outlines four idependence milestones for Sovrin Foundation.

The Sovrin Foundation began life about a year ago. We launched the Sovrin Network just last month. For Sovrin to achieve its goal of providing self-sovereign identity for all, the Foundation and the Network have to be independent and self-sustaining.

The idea for Sovrin-style identity and the technology behind it was developed by Evernym. To their credit, Evernym’s founders, Jason Law and Timothy Ruff, recognized that for their dream of a global identity system to become reality, they’d have to make Sovrin independent of Evernym. At present, Evernym continues to make huge contributions to Sovrin in time, code, money, and people. Our goal is to reduce these contributions, at least as a percentage of the total, over time.

Continue reading "Sovrin Self-Sustainability"

The Case for Decentralized Identity

Summary: We cannot decentralize many interesting systems without also decentralizing the identity systems upon which they rely. We're finally in a position to create truly decentralized systems for digital identity.

I go back and forth between thinking decentralization is inevitable and thinking it's just too hard. Lately, I'm optimistic because I think there's a good answer for one of the sticking points in building decentralized systems: decentralized identity.

Most interesting systems have an identity component. As Joe Andrieu says, "Identity is how we keep track of people and things and, in turn, how they keep track of us." The identity component is responsible for managing the identifiers and attributes that the system needs to function, authenticating the party making a request, and determining whether that party is authorized to make the request. But building an identity system that is usable, secure, maximizes privacy is difficult—much harder than most Continue reading "The Case for Decentralized Identity"