Decentralized digital identity is an emerging digital identity model enabled by the development of blockchain technology. The decentralized identity model is at the core of self-sovereign identity (SSI), which grants individuals full control of their own personal data. A decentralized identity platform for SSI consists of three essential components: an identity trust fabric, an identity wallet and an identity management system.

  1. Identity Trust Fabric (ITF) — a distributed ledger for immutably recording proofs of digital identity and managing cryptographic public keys. It enables a decentralized, common trust point without an intervening central authority.
  2. Identity Wallet — an application for generating, binding, maintaining and presenting the digital identity of an individual user. It also provides an interface to a device’s local secure environment that stores and manages cryptographic keys. An identity wallet could be installed on a mobile device, a workstation or a cloud platform.
  3. Identity Management — a decentralized system for providing management, availability and protection of decentralized digital identity. This includes identity proofing and authentication for service providers and identity wallet recovery for individual users.

Core Functionality 

A decentralized identity platform facilitates interaction between three parties: an individual user (holder), a service provider (verifier) and a trusted third party (issuer). It provides the following core functionality:

  1. Registration — a user registers with a trusted third party through an identity proofing process.
  2. Issuance — the trusted third party approves the registration and issues a verifiable credential to the user. A cryptographic proof of the verifiable credential will also be recorded in the ITF.
  3. Presentation — the user generates a verifiable presentation from the verifiable credential and presents it to the service provider.
  4. Verification — the service provider verifies the presentation by comparing it with its cryptographic proof in the ITF.
  5. Access — the service provider approves the presentation and grants the user access to its service.
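
The issuance, presentation and verification steps above can be modelled in a few lines. This is an added sketch, not code from any decentralized identity platform: it assumes salted SHA-256 commitments as the "cryptographic proof", an in-memory list as the ITF, and a constructed issuer identifier. It goes slightly beyond the list by letting the holder reveal only selected claims, and it omits the issuer signatures and holder binding a real platform would need.

```python
import hashlib, json, secrets

def h(data: str) -> str:
    return hashlib.sha256(data.encode()).hexdigest()

def claim_digest(name, value, salt):
    # The salt stops a ledger reader from guessing low-entropy claim values.
    return h(json.dumps([salt, name, value]))

def credential_proof(issuer, digests):
    # Order-independent commitment over all claim digests of one credential.
    return h(json.dumps([issuer, sorted(digests)]))

class TrustFabric:
    """Stand-in for the ITF (assumption): append-only proofs, never PII."""
    def __init__(self):
        self._proofs = []
    def record(self, proof):
        self._proofs.append(proof)
    def contains(self, proof):
        return proof in self._proofs

def issue(itf, issuer, claims):
    """Issuance: the issuer anchors only the proof; claims go to the wallet."""
    salts = {k: secrets.token_hex(16) for k in claims}
    itf.record(credential_proof(
        issuer, [claim_digest(k, v, salts[k]) for k, v in claims.items()]))
    return {"issuer": issuer, "claims": claims, "salts": salts}

def present(cred, reveal):
    """Presentation: disclose chosen claims, send digests for the rest."""
    c, s = cred["claims"], cred["salts"]
    return {"issuer": cred["issuer"],
            "revealed": {k: [c[k], s[k]] for k in reveal},
            "hidden": [claim_digest(k, c[k], s[k]) for k in c if k not in reveal]}

def verify(itf, pres):
    """Verification: recompute the proof and compare it with the ITF record."""
    digests = [claim_digest(k, v, salt)
               for k, (v, salt) in pres["revealed"].items()] + pres["hidden"]
    return itf.contains(credential_proof(pres["issuer"], digests))

def demo():
    itf = TrustFabric()
    # Constructed sample data; "did:example:issuer" is a placeholder identifier.
    cred = issue(itf, "did:example:issuer",
                 {"name": "Alice", "over_18": True, "country": "SE"})
    pres = present(cred, ["over_18"])
    forged = json.loads(json.dumps(pres))
    forged["revealed"]["over_18"][0] = False   # tampered claim value
    # (genuine verifies, forgery fails, undisclosed name leaked?)
    return verify(itf, pres), verify(itf, forged), "Alice" in json.dumps(pres)
```

The verifier never contacts the issuer and never sees the undisclosed claims; a changed claim value yields a proof that is not in the ITF.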

 

Core Strengths 

  1. Security — a traditional, centralized service provider keeps records of digital identity for verification and authentication of its users. This presents a single point of failure, which can be exploited by malicious hackers. A decentralized identity platform reduces this risk by enabling credential verification with the ITF.
  2. Privacy — an identity wallet allows users to control and manage their personally identifiable information (PII) on their personal devices. This helps reduce the role of central repositories for PII storage.
  3. Interoperability — the ITF provides a common trust point and promotes collaboration between different organizations. An organization could seamlessly verify a credential from another organization through the ITF.
  4. Resilience — the decentralized and distributed nature of blockchain technology provides great resilience against arbitrary system failures, including power outages and malicious attacks.

 
