Alternative Forms
SSI
Acronym
Definitions
Definition 1
A Self-Sovereign Identity Management System is a User-Centric Identity Management System with a particular architectural model. One of the key distinguishing characteristics of this model is that the role of the identity registration authority played by the identity provider in traditional identity management systems is replaced by the general ledger of a block chainblockchain. This setup enables the presentation to third parties of verifiable claims linked to identities while simultaneously allowing entities to autonomously manage their identities throughout their lifecycle.
It should be noted that even though the necessity of a centralized registration authority is removed with this model, the system may nevertheless reuse credentials and attestations from such authorities, including governments and organizations, as indicia of identity.
In this model, identities are loosely coupled to the service providers, which distinguishes it from Service-Centric Identity Management System.
Empowering the identity subject to the detriment of a central authority has diverse motivations. From a security perspective, a central authority may be compromised via attacks or coercion and consequently constitute a potential weakness. Limiting the capabilities or completely removing the authority from the system limits de facto its potential for exploitation. From a socio-political perspective, the management of digital identities is a significant public policy issue spanning a wide spectrum of domains including data privacy rights, socio-economical inclusion through accessibility of public and private digital services.
The following are understood as core components capabilities of SSI:
identification of entities,
authentication of entities,
issuance of verifiable claims about identities,
attribute storage of identity attributes.
A number of key desirable characteristics of Self-Sovereign Identity systems have been identified in Tobin et al., 2017 and organized in 3 categories:
Security
Protection
Persistance
Minimization
Controllability
Existence
Control
Consent
Portability
Interoperability
Transparency
Access
Portability
Multiple implementation approaches are possible for SSI with countless nuances, including:
Known weaknesses and limitations
At the time of writing, SSI is a field of active research and its specific weaknesses and limitations are not very well documented. A minima, it is presumed to be subject to the generic weaknesses and limitations of blockchains and proof-of-work.
Example Sentence
Bob was using his social network identity to authenticate to a multitude of other services. Eve, the CEO of the social network, decided to change the service data privacy policy to increase her profits by selling more data related to the social network users. Bob was thus placed in a difficult dilemma: accept the new privacy agreement he disagreed with to maintain his identity in the other services, or spend significant efforts to migrate all his service identities. Fortunately, Eve setup a Self-Sovereign Identity system which helped Bob regain control over his digital identity.
Example SSIs
Blockstack, Civic, Interplanetary Identifiers, SelfKey, Sovrin, uPort, Veres One, W3C decentralized identitiers (DID).
Conceptual Diagram
Related Terms
Block Chain
Claim Registry Model
HyponymDigital Identification System
Hyperonym
Identity Management System
HyperonymIdentifier Registry Model
HyponymService-Centric Identity Management System
Co-hyponymUser-Centric Identity Management System
Hyperonym
Quotes
| Include Page | ||||
|---|---|---|---|---|
|
Self-Sovereign Identity: The concept of a lifetime portable digital identity, completely controlled by the individual, that does not depend on any central authority and can never be taken away.17
(World Bank Group and GPFI, 2018, p. viii)
| Include Page | ||||
|---|---|---|---|---|
|
| Include Page | ||||
|---|---|---|---|---|
|
Bibliography
See Also
| Filter by label (Content by label) | ||||||
|---|---|---|---|---|---|---|
|