A Self-Sovereign Identity Management System is a https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1323597878/User-Centric+Identity+Management+System with a particular architectural model. One of the key distinguishing characteristics of this model is that the role of the identity registration authority played by the identity provider in traditional identity management systems is replaced by the general ledger of a blockchain. This setup enables the presentation to third parties of verifiable claims linked to identities while simultaneously allowing entities to autonomously manage their identities throughout their lifecycle.
It should be noted that even though the necessity of a centralized registration authority is removed with this model, the system may nevertheless reuse credentials and attestations from such authorities, including governments and organizations, as indicia of identity.
Empowering the identity subject to the detriment of a central authority has diverse motivations. From a security perspective, a central authority may be compromised via attacks or coercion and consequently constitute a potential weakness. Limiting the capabilities or completely removing the authority from the system limits de facto its potential for exploitation. From a socio-political perspective, the management of digital identities is a significant public policy issue spanning a wide spectrum of domains including data privacy rights, socio-economical inclusion through accessibility of public and private digital services.
At the time of writing, SSI is a field of active research and its specific weaknesses and limitations are not very well documented. A minima, it is presumed to be subject to the generic weaknesses and limitations of blockchains and proof-of-work.