Is Sovrin Decentralized?

Summary: To determine whether Sovrin is decentralized, we have to ask questions about the purpose of decentralization and how Sovrin supports those purposes.

People sometimes ask "Is Sovrin decentralized?" given that it relies on a permissioned ledger. Of course, the question is raised in an attempt to determine whether or not an identity system based on a permissioned ledger can make a legitimate claim that it's self-sovereign. But whether or not a specific system is decentralized is just shorthand for the real questions. To answer the legitimacy question, we have to examine the reasons for decentralization and whether or not the system in question adequately addresses those reasons.

This excellent article from Vitalik Buterin discusses the meaning of decentralization. Vitalik gives a great breakdown of different types of decentralization, listing architectural decentralization, political decentralization, and logical decentralization.

Of these, logically decentralized systems are the most rare. Bitcoin and other Continue reading "Is Sovrin Decentralized?"

Equifax and Correlatable Identifiers

Summary: We can avoid security breachs that result in the loss of huge amounts of private data by creating systems that don't rely on correlatable identifiers. Sovrin is built to use non-correlatable identifiers by default while still providing all the necessary functionality we expect from an identity system.

Yesterday word broke that Equifax had suffered a data breach that resulted in 143 million identities being stolen. This is a huge deal, but not really too shocking given the rash of data breaches that have filled the news in recent years.

The typical response when we hear about these security problems is "why was their security so bad?" While I don't know any specifics about Equifax's security, it's likely that their security was pretty good. But the breach still occurred. Why? Because of Sutton's Law. When Willie Sutton was asked why he robbed banks, he reputedly said "cause that's where Continue reading "Equifax and Correlatable Identifiers"

Sovrin Self-Sustainability

Summary: For Sovrin to become a global, public utility that helps everyone create and manage self-sovereign identities, it must be independent and self-sustaining. This post outlines four idependence milestopnes for Sovrin Foundation.

The Sovrin Foundation began life about a year ago. We launched the Sovrin Network just last month. For Sovrin to achieve its goal of providing self-sovereign identity for all, the Foundation and the Network have to be independent and self-sustaining.

The idea for Sovrin-style identity and the technology behind it was developed by Evernym. To their credit, Evernym’s founders, Jason Law and Timothy Ruff, recognized that for their dream of a global identity system to become reality, they’d have to make Sovrin independent of Evernym. At present, Evernym continues to make huge contributions to Sovrin in time, code, money, and people. Our goal is to reduce these contributions, at least as a percentage of the total, over time.

Continue reading "Sovrin Self-Sustainability"

The Case for Decentralized Identity

Summary: We cannot decentralize many interesting systems without also decentralizing the identity systems upon which they rely. We're finally in a position to create truly decentralized systems for digital identity.

I go back and forth between thinking decentralization is inevitable and thinking it's just too hard. Lately, I'm optimistic because I think there's a good answer for one of the sticking points in building decentralized systems: decentralized identity.

Most interesting systems have an identity component. As Joe Andrieu says, "Identity is how we keep track of people and things and, in turn, how they keep track of us." The identity component is responsible for managing the identifiers and attributes that the system needs to function, authenticating the party making a request, and determining whether that party is authorized to make the request. But building an identity system that is usable, secure, maximizes privacy is difficult—much harder than most Continue reading "The Case for Decentralized Identity"

Identity, Sovrin, and the Internet of Things

Summary: Building the Internet of Things securely requires that we look to non-hierarchical models for managing trust. Sovrin provides a Web of Trust model for securing the Internet of Things that increases security and availability while giving device owners more control.
<a href="https://blogs.harvard.edu/doc/">Doc Searls</a> put me onto this report from Cable Labs: <a href="http://www.cablelabs.com/vision-secure-iot/">A Vision for Secure IoT</a>. Not bad stuff as far as it goes. The executive summary states:
IoT therefore represents the next major axis of growth for the Internet. But, without a significant change in how the IoT industry approaches security, this explosion of devices increases the risk to consumers and the Internet. To reduce these risks, the IoT industry and the broader Internet ecosystem must work together to mitigate the risks of insecure devices and ensure future devices are more secure by developing and adopting robust security standards for IoT devices. Industry-led standards represent the most promising approach Continue reading "Identity, Sovrin, and the Internet of Things"

Sovrin Web of Trust

Summary: Sovrin uses a heterarchical, decentralized Web of Trust model to build trust in identifiers and give people clues about what and who to trust.

The Web of Trust model for Sovrin is still being developed, but differs markedly from the trust model used by the Web.

The Web (specifically TLS/SSL) depends on a hierarchical certificate authority model called the Public Key Infrastructure (PKI) to determine which certificates can be trusted. When your browser determines that the domain name of the site you're on is associated with the public key being used to encrypt HTTP transmissions (and maybe that they’re controlled by a specific organization), it uses a certificate it downloads from the Website itself. How then can this certificate be trusted? Because it was cryptographically signed by some other organization who issued the public key and presumably checked the credentials of the company buying the certificate for the domain.

Continue reading "Sovrin Web of Trust"

Sovrin In-Depth Technical Review

Summary: Sovrin Foundation has engaged Engage Identity to perform a security review of Sovrin's technology and processes. Results will be available later this summer.
The <a href="http://sovrin.org/">Sovrin Foundation</a> and <a href="http://engageidentity.com/">Engage Identity</a> announced a new partnership today. Security experts from Engage Identity will be completing an in-depth technical review of the Sovrin Foundation’s entire security architecture.



Sovrin Foundation is very concerned that the advanced technology utilized by everyone depending on Sovrin is secure. That technology protects many valuable assets including private personal information and essential business data. As a result, we wanted to be fully aware of the risks and vulnerabilities in Sovrin. In addition, The Sovrin Foundation will benefit from having a roadmap for future security investment opportunities.



We're very happy to be working with Engage Identity, a leader in the security and identity industry. Established and emerging cryptographic identity protocols are one of their many areas of expertise. They have <!--more--> experience providing security analysis and recommendations for identity frameworks.



The Engage Identity team is lead by Sarah Squire, who has worked on user-centric open standards for many organizations including NIST, Yubico, and the OpenID Foundation. Sarah will be joined by Adam Migus and Alan Viars, both experienced authorities in the fields of identity and security.



The final report will be released this summer, and will include a review of the current security architecture, as well as opportunities for future investment. We intende to make the results public. Anticipated subjects of in-depth research are:
  • Resilience to denial of service attacks
  • Key management
  • Potential impacts of a Sovrin-governed namespace
  • Minimum technical requirements for framework participants
  • Ongoing risk management processes
Sovrin Foundation is excited to take this important step forward with Engage Identity to ensure that the future of self-sovereign identity management can thrive and grow.
Tags:

What He Said (about Sovrin)

phil-windley-headshotI joke with Phil Windley that half my blog posts are about his blog posts. But there’s a good reason for that. Phil’s a prolific blogger because he’s a prolific thinker, and there is a very high signal-to-noise ratio in those thoughts. Lately what Phil’s been thinking and blogging about is self-sovereign identity— specifically Sovrin, the new public permissioned ledger for self-sovereign identity that was announced last month at the Ctrl-Shift Personal Information Economy Conference in London. Phil is chair of the Sovrin Foundation Board of Trustees (I am Secretary), and in that leadership role he’s published a series of blog posts that stake out the philosophical, political, technical, and practical underpinnings of self-sovereign identity. Here’s a quick guide to these posts, in chronological order (oldest-to-newest):

The problem for people isn’t advertising, and the problem for advertising isn’t blocking. The problem for both is tracking.

Ingeyes Google Has Quietly Dropped Ban on Personally Identifiable Web Tracking, @JuliaAngwin and @ProPublica unpack what the subhead says well enough: “Google is the latest tech company to drop the longstanding wall between anonymous online ad tracking and user’s names.” Here’s a message from humanity to Google and all the other spy organizations in the surveillance economy: Tracking is no less an invasion of privacy in apps and browsers than it is in homes, cars, purses, pants and wallets. That’s because our apps and browsers are personal and private. So are the devices on which we use them. Simple as that. (HT to @Apple for digging that fact.) To help online advertising business and the publications they support understand what ought to be obvious (but isn’t yet), let’s clear up some misconceptions:
  1. Tracking people without their clear and conscious permission is wrong. (Meaning The Castle Doctrine Continue reading "The problem for people isn’t advertising, and the problem for advertising isn’t blocking. The problem for both is tracking."

When People Can Share Verifiable Attributes, Everything Changes

Summary: Verifiable, owner-provided attributes are the engine that will drive wide-spread adoption of self-sovereign identity systems. This article explains how this models the way credentials work in the physical world and describes benefits of owner-provided attributes. In the physical world, people carry credentials to prove to others that they have certain attributes or hold certain privileges. Online, this is not possible. For example, a driver's license contains attributes like name, address, and date of birth that have been validated by the Driver's License Division. The driver’s license is widely viewed as trustworthy. Consequently, people use driver's licenses for purposes other than driving. For example, a school or pharmacy can easily verify that a license belongs to the person presenting it, and confirm the validity of the license without ever contacting the Driver's License Division directly. In other words, in the physical world, people hold and are the conveyors of their Continue reading "When People Can Share Verifiable Attributes, Everything Changes"

Self-sovereign Identity System (SIS)

In a recent series of blog posts by Phil Windley, the concept of a self-soveriegn identity system is introduced.

SIS purpose is just like it sounds. An independent identity system managed by users. The series leads up to the announcement last week of Sovrin.org. (But I will get to that later.) Since these are in a series of blog posts, they are in reverse chronological order. So here they are in order.
  1. Service Integration Via a Distributed Ledger
  2. Governance for Distributed Ledgers
  3. An Internet for Identity
  4. Self-Sovereign Identity and the Legitamacy of Permissioned Ledgers
Some of these are lengthy. The topic is complicated, but fundamental to the future. Take your time. Dont let TL;DR syndrome sidetrack you.

In World of Ends, Doc Searls and
Dave Weinberger enumerate the Internet’s three virtues:

Announcing the Sovrin Foundation

sovrin logo on black background In London today, we're announcing the formation of the Sovrin Foundation. Sovrin Foundation is a private-sector, international non-profit that was established to govern the Sovrin Identity Network (SIDN). SIDN is a public, permissioned distributed ledger purpose built for identities. The Internet was created without any way for people and organizations to be identified. On the Internet, only machines get identities in the form of IP numbers. This is understandable given what the creators of the Internet were trying to achieve. But the lack of a decentralized, heterarchical, and interoperable identity system has created an environment where the services most people use online are a lot more centralized than the Internet they're built upon. Sovrin Foundation aims to rectify that. Using the virtues of Internet as a model, The Sovrin identity protocol uses a distributed ledger to replace today's centralized identity intermediaries. I believe an Internet-like identity system will create Continue reading "Announcing the Sovrin Foundation"