Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

The Domains of Identity & Self-Sovereign Identity MyData 2018

968 views

Published on

This is the keynote presentation that I gave at MyData 2018. It explains the connection between identity and personal data. Some of my story of how I began working on identity 15 years ago. The Domains of Identity, My master's report is explained and then core components of Self-Sovereign Identity is explained. I conclude sharing some thoughts on how we work together to build alignment.

Published in: Technology
  • How to Get Automated winning picks for NFL, NCAA and MLB? ★★★ https://tinyurl.com/yxcmgjf5
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD FULL. BOOKS INTO AVAILABLE FORMAT ......................................................................................................................... ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

The Domains of Identity & Self-Sovereign Identity MyData 2018

  1. 1. Kaliya Young Self-Sovereign Identity Domains of Identity + @ Aug 29, 2018 This presentation includes slides from the following Community members: * Drummond Reed * Manu Sporny * Timothy Ruff * John Jordan & BC Team
  2. 2. Kaliya Young Self-Sovereign Identity Domains of Identity + @ Aug 29, 2018 1. The MyData —> Identity Connection 2. How did I begin in Identity? 3. The Domains of Identity - My Masters Report 4. An Overview of Self-Sovereign Identity 5. Conclusion —> Creating Alignment
  3. 3. begins with Identity
  4. 4. Identity is socially constructed & contextual
  5. 5. Who you see yourself to be. Who you preset yourself to be. How you are seen.
  6. 6. Groups Identity Contexts Are Social with People Family https://www.flickr.com/photos/houseoflim/409869608https://www.flickr.com/photos/twiga_swala/2286910386/ https://www.flickr.com/photos/genista/346236490/
  7. 7. Identity Contexts are also Institutional Organizational https://www.flickr.com/photos/tomsaint/33022263665 https://www.flickr.com/photos/usdagov/9583705941/
  8. 8. Increasingly Contexts Involve Devices https://www.flickr.com/photos/medithit/41538066141
  9. 9. Key aspects of “identity” in these contexts are the identifiers that come with those contexts.
  10. 10. Sports Association Number Identifiers of many types Student Numbers Customer Numbers Airline Points numbers Patient Numbers Government ID Number Passport Names
  11. 11. In the Digital World we have even more identifiers.
  12. 12. some we can pick..
  13. 13. …in someone else’s name space ORGYOU Account
  14. 14. They can be your “Identity Provider” ORGIDPYOU
  15. 15. MYURL.COM …but we really rent them… some identifiers we can pick…
  16. 16. #…and we rent our phone numbers
  17. 17. There are no digital identifiers we really own.
  18. 18. Without control of our identifiers we can’t have control over our personal data. How do we own our own digital identifiers? The quest for this is one I have been on for 15 years
  19. 19. Global Ecology and Information Technology 2000 The Link Tank
  20. 20. Building Identity and Trust into the Next Generation Internet
  21. 21. Underlying this report is the assumption that every individual ought to have the right to control his or her own online identity. You should be able to decide what information about yourself is collected as part of your digital profile, and of that information, who has access to different aspects of it.
  22. 22. Certainly, you should be able to read the complete contents of your own digital profile at any time. An online identity should be maintained as a capability that gives the user many forms of control. Without flexible access and control, trust in the system of federated network identity will be minimal.
  23. 23. A digital profile is not treated [by corporations who host them] as the formal extension of the person it represents. But if this crucial data about you is not owned by you, what right do you have to manage its use? A civil society approach to persistent identity is a cornerstone of the Augmented Social Network project.
  24. 24. Organizations would have identities People would have identities OPEN STANDARDS FOR IDENTIFIERS & DATA EXCHANGE
  25. 25. They would be able to connect on their own terms Each being first class nodes on the network.
  26. 26. Building Identity and Trust into the Next Generation Internet
  27. 27. Internet Identity Workshop 2005
  28. 28. First I need to share the Domains of Identity
  29. 29. Its Everyone, Everywhere https://www.flickr.com/photos/nasamarshall/3945024874
  30. 30. Master of Science in Identity Management and Security Identity and Security Class
  31. 31. Master of Science in Identity Management and Security What are all the different places that PII ends up in databases?
  32. 32. 1. Me and My Identity
  33. 33. 1. Me and My Identity User-Centric Digital Identity
  34. 34. 1. Me and My Identity Indie Web Efforts
  35. 35. 1. Me and My Identity Quantified Self Movement
  36. 36. 1. Me and My Identity Self-Sovereign Identity
  37. 37. 1. Me and My Identity MyData
  38. 38. 1. Me and My Identity
  39. 39. Children Elders
  40. 40. 2. You and My Identity Delegated Relationships
  41. 41. These are the source of data in the interactions with the next 12 domains.
  42. 42. The Next 12 Domains
  43. 43. 2 1 REGISTRATION IDENTIFICATION Government Registration 3. Government Registration
  44. 44. Government Transactions 2 1 IDENTIFICATION SERVICES 4. Government Transactions
  45. 45. Civil Society Health Care Education Union Membership Religious Institutions Sports Teams Civic Participation Professional Associations
  46. 46. 2 1 REGISTRATION CREDENTIALS Civil Society Registration 5. Civil Society Registration
  47. 47. Civil Society Transactions CREDENTIALS SERVICES 1 2 6. Civil Society Transaction
  48. 48. Commercial Registration 2 1 REGISTRATION CREDENTIALS 7. Commercial Registration
  49. 49. Commercial Transactions 1 CREDENTIALS GOODS & SERVICES 2 3 PAYMENT 8. Commercial Transaction
  50. 50. 1 2 4 3 Employment Registration APPLICATION CREDENTIALS ENROLLMENT 12. Employment Registration
  51. 51. 1 2 3 Employment Transaction WORK TRANSACTION CREDENTIALS 13. Employment Transactions
  52. 52. Surveillance
  53. 53. 1) Voluntary Known Surveillance
  54. 54. 1) Voluntary Known 2) Involuntary Known Surveillance
  55. 55. Surveillance 1) Voluntary Known 2) Involuntary Known 3) Involuntary Unknown
  56. 56. Government Surveillance 9. Government Surveillance
  57. 57. Civial Society Surveillance 10. Civil Society Surveillance
  58. 58. Commercial Surveillance 11. Commercial Surveillance
  59. 59. Employment Surveillance WORK 14. Employment Surveillance
  60. 60. 1
  61. 61. 15. Data Broker Industry 1 2 3 DATA PUBLIC DATA DIGITAL DOSSIERS DA T A DATA 4 6 5 5
  62. 62. DATA 16. Black Market
  63. 63. Surveillance Sousveillance Sousveillance
  64. 64. Surveillance Sousveillance Sousveillance
  65. 65. Self-Sovereign Identity Domains of
 Identity https://medium.com/evernym/the-three-models-of-digital-identity-relationships-ca0727cb5186
  66. 66. PEER YOU
  67. 67. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store Agent/Hub PEERYOU Self-Sovereign Identity
  68. 68. Decentralized IDentifier - DID did:sov:3k9dg356wdcj5gf2k9bw8kfg7a Method Scheme Method-Specific Identifier Slide credit: Drummond Reed, Sovrin Foundation
  69. 69. did:sov:3k9dg356wdcj5gf2k9bw8kfg7a Slide credit: Drummond Reed, Sovrin Foundation
  70. 70. did:sov:3k9dg356wdcj5gf2k9bw8kfg7a 047d599d4521480d9e1919481b024f29d2693f2 72d19473dbef971d7d529f6e9 Private
 Key Public Key cc2cd0ffde594d278c2d9b432f4748506a7f9f2 5141e485eb84bc188382019b6 Slide credit: Drummond Reed, Sovrin Foundation
  71. 71. did:sov:3k9dg356wdcj5gf2k9bw8kfg7a 047d599d4521480d9e1919481b024f29d2693f2 72d19473dbef971d7d529f6e9 Private
 Key Public Key cc2cd0ffde594d278c2d9b432f4748506a7f9f2 5141e485eb84bc188382019b6 Slide credit: Drummond Reed, Sovrin Foundation HELD IN A WALLET
  72. 72. { “Key”: “Value” } DID Decentralized Identifier DID Document JSON-LD document describing the entity identified by the DID Slide credit: Drummond Reed, Sovrin Foundation
  73. 73. 1. DID (for self-description) 2. Set of public keys (for verification) 3. Set of auth protocols (for authentication) 4. Set of service endpoints (for interaction) 5. Timestamp (for audit history) 6. Signature (for integrity) !88 The standard elements of a DID doc Slide credit: Drummond Reed, Sovrin Foundation
  74. 74. Example DID Document (Part 1) !89 { "@context": "https://w3id.org/did/v1", "id": "did:example:123456789abcdefghi", "publicKey": [{ "id": "did:example:123456789abcdefghi#keys-1", "type": "RsaSigningKey2018", "owner": "did:example:123456789abcdefghi", "publicKeyPem": "-----BEGIN PUBLIC KEY...END PUBLIC KEY-----rn" }], "authentication": [{ "type": "RsaSignatureAuthentication2018", "publicKey": "did:example:123456789abcdefghi#keys-1" }], "service": [{ "type": "ExampleService", "serviceEndpoint": "https://example.com/endpoint/8377464" }], Slide credit: Drummond Reed, Sovrin Foundation
  75. 75. Example DID Document (Part 2) !90 "created": "2002-10-10T17:00:00Z", "updated": "2016-10-17T02:41:00Z", "signature": { "type": "RsaSignature2016", "created": "2016-02-08T16:02:20Z", "creator": "did:sov:8uQhQMGzWxR8vw5P3UWH1j#key/1", "signatureValue": "IOmA4R7TfhkYTYW87z640O3GYFldw0 yqie9Wl1kZ5OBYNAKOwG5uOsPRK8/2C4STOWF+83cMcbZ3CBMq2/ gi25s=" } } Slide credit: Drummond Reed, Sovrin Foundation
  76. 76. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store Agent/Hub Shared Ledgers BTCR IPFS
  77. 77. !92 Method DID prefix Sovrin did:sov: Bitcoin Reference did:btcr: Ethereum uPort did:uport: Blockstack did:stack: Veres One did:v1: IPFS did:ipld: Active DID Method Specs Slide credit: Drummond Reed, Sovrin Foundation
  78. 78. 1. The syntax of the method-specific identifier 2. Any method-specific elements of a 
 DID document 3. The CRUD (Create, Read, Update, Delete) operations on DIDs and DID documents for the target system !93 A DID Method spec defines… Slide credit: Drummond Reed, Sovrin Foundation
  79. 79. Building a Universal Resolver
  80. 80. WALLET Agent/Hub
  81. 81. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store Agent/Hub S Identifier Owners Edge Layer Cloud Layer Agent/HubAgent/Hub WALLET WALLET IPFS BTCR Secure Communication Channel with PKI
  82. 82. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store Agent/Hub S Identifier Owners Edge Layer Cloud Layer Agent/HubAgent/Hub WALLET WALLET IPFS BTCR Secure Communication Channel with PKI
  83. 83. did:sov:3k9dg356wdcj5gf2k9bw8kfg7a Slide credit: Drummond Reed, Sovrin Foundation Who cares about really long numbers?
  84. 84. Verifiable Credentials
  85. 85. HOLDERHOLDER VERIFIERVERIFIER When a credential is shown to a verifier with a proof of ID, verification is highly fallible.
  86. 86. Fancy print gimmicks might make a credential seem authentic but these are easy to forge these days.
  87. 87. How do you know its true? Without… THE CENTRALIZED DATABASE
  88. 88. Verification systems are overly complex … PORTAL and create privacy problem.
  89. 89. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store Agent/Hub
  90. 90. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store ISSUER WALLET VERIFIER
  91. 91. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store ISSUER WALLET VERIFIER
  92. 92. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store ISSUER WALLET VERIFIER
  93. 93. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store ISSUER WALLET VERIFIER
  94. 94. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store ISSUER WALLET VERIFIER
  95. 95. A Verifiable Credential has a standard format. 110 Slide credit: Manu Sporny Veres One
  96. 96. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store ISSUER WALLET VERIFIER
  97. 97. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store ISSUER WALLET VERIFIER
  98. 98. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store ISSUER WALLET VERIFIER
  99. 99. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store ISSUER WALLET VERIFIER
  100. 100. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store ISSUER WALLET VERIFIER
  101. 101. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store ISSUER WALLET VERIFIER
  102. 102. No PII ends up on the shared ledgers
  103. 103. WALLET Agent/Hub
  104. 104. WALLET Agent/Hub
  105. 105. 2 1 REGISTRATION IDENTIFICATION GovernmentRegistration 3.GovernmentRegistration WALLET Agent/Hub
  106. 106. GovernmentTransactions 2 1 IDENTIFICATION SERVICES 4.GovernmentTransactions 2 1 REGISTRATION IDENTIFICATION GovernmentRegistration 3.GovernmentRegistration WALLET Agent/Hub
  107. 107. GovernmentTransactions 2 1 IDENTIFICATION SERVICES 4.GovernmentTransactions 2 1 REGIST RATION CRED ENTIALS CivilSociety Registration 2 1 REGISTRATION IDENTIFICATION GovernmentRegistration 3.GovernmentRegistration 5.CivilSocietyRegistration WALLET Agent/Hub
  108. 108. GovernmentTransactions 2 1 IDENTIFICATION SERVICES 4.GovernmentTransactions CivilSocietyTransactions CRED ENTIALS SERVICES1 2 6. Civil Society Transaction 2 1 REGIST RATION CRED ENTIALS CivilSociety Registration 2 1 REGISTRATION IDENTIFICATION GovernmentRegistration 3.GovernmentRegistration 5.CivilSocietyRegistration WALLET Agent/Hub
  109. 109. GovernmentTransactions 2 1 IDENTIFICATION SERVICES 4.GovernmentTransactions CivilSocietyTransactions CRED ENTIALS SERVICES1 2 6. Civil Society Transaction 2 1 REGIST RATION CRED ENTIALS CivilSociety Registration 1 2 4 3 Employment Registration APPLICATION CREDENTIALS ENROLLMENT 2 1 REGISTRATION IDENTIFICATION GovernmentRegistration 3.GovernmentRegistration 5.CivilSocietyRegistration 13.EmploymentRegistration WALLET Agent/Hub
  110. 110. GovernmentTransactions 2 1 IDENTIFICATION SERVICES 4.GovernmentTransactions CivilSocietyTransactions CRED ENTIALS SERVICES1 2 6. Civil Society Transaction 1 2 3 Em ploym entTransaction WORKTRANSAC TION CREDENTIA LS 13. Employment Transactions 2 1 REGIST RATION CRED ENTIALS CivilSociety Registration 1 2 4 3 Employment Registration APPLICATION CREDENTIALS ENROLLMENT 2 1 REGISTRATION IDENTIFICATION GovernmentRegistration 3.GovernmentRegistration 5.CivilSocietyRegistration 13.EmploymentRegistration WALLET Agent/Hub
  111. 111. GovernmentTransactions 2 1 IDENTIFICATION SERVICES 4.GovernmentTransactions CivilSocietyTransactions CRED ENTIALS SERVICES1 2 6. Civil Society Transaction 1 2 3 Em ploym entTransaction WORKTRANSAC TION CREDENTIA LS 13. Employment Transactions 2 1 REGIST RATION CRED ENTIALS CivilSociety Registration 1 2 4 3 Employment Registration APPLICATION CREDENTIALS ENROLLMENT 2 1 REGISTRATION IDENTIFICATION GovernmentRegistration CommercialRegistration 2 1 REGISTRATION CREDENTIA LS 3.GovernmentRegistration 5.CivilSocietyRegistration 7.Com m ercialRegistration 13.EmploymentRegistration WALLET Agent/Hub
  112. 112. GovernmentTransactions 2 1 IDENTIFICATION SERVICES 4.GovernmentTransactions CivilSocietyTransactions CRED ENTIALS SERVICES1 2 6. Civil Society Transaction Commercial Transactions 1 CRE D ENTIALS GOODS & SERVICE S 2 3 PAYM ENT 8.Com m ercialTransaction 1 2 3 Em ploym entTransaction WORKTRANSAC TION CREDENTIA LS 13. Employment Transactions 2 1 REGIST RATION CRED ENTIALS CivilSociety Registration 1 2 4 3 Employment Registration APPLICATION CREDENTIALS ENROLLMENT 2 1 REGISTRATION IDENTIFICATION GovernmentRegistration CommercialRegistration 2 1 REGISTRATION CREDENTIA LS 3.GovernmentRegistration 5.CivilSocietyRegistration 7.Com m ercialRegistration 13.EmploymentRegistration WALLET Agent/Hub
  113. 113. ISSUER WALLET VERIFIER Shared Ledger or other Immutable Data Store Agent/Hub PEERYOU
  114. 114. Individuals have their own Identities
  115. 115. What about the organizations?
  116. 116. Verifiable Organizations Network
  117. 117. Paper documents are cumbersome as proof of legal compliance and permission. REGISTERED PERATING PERMIT QUALIFICATION Certificate of PERMIT en CONFIRMATION LETTER REGISTERED PERATING PERMIT QUALIFICATION Certificate of PERMIT en CONFIRMATION LETTER
  118. 118. Let’s look at an example
  119. 119. PROVINCE INCORPORATION REGIONAL HEALTH AUTHORITY PERMIT MUNICIPALITY BUSINESS LICENSE Mary requires a variety of documents in order to establish her bakery. Some requirements are not obvious, so she’ll have to do her homework.
  120. 120. This journey involves multiple sources … PROVINCE INCORPORATION REGIONAL HEALTHAUTHORITY PERMIT MUNICIPALITY BUSINESS LICENSE … and modes of service delivery.
  121. 121. STEP 12 All of this activity is a major burden for all involved.
  122. 122. What if … businesses could provide verifiable proofs about qualifications when transacting online? Mary owns this proof-of status for her business Certificate issued Certificate shared Certificate verified
  123. 123. The credential definition is created and published on the blockchain (ledger) by an issuer. DEFINITIONDEFINITION LEDGERLEDGERISSUERISSUER
  124. 124. Open registry of decentralized identifiers. PERMIT ISSUERS HOLDER VERIFIERS
  125. 125. We have a chicken-or-egg dilemma. How do we kickstart one side of the market?
  126. 126. What can services plug into to get things rolling?
  127. 127. Welcome to British Columbia’s verifiable organizations. search TheOrgBook fills that role and unlocks the hidden value of BC Registries data. Registration, permit, and license services can plug into incorporated businesses.
  128. 128. Welcome to British Columbia’s verifiable organizations. search Digitally signed and sealed verifiable claims A global, open blockchain registry
  129. 129. MARY OLIVIERA The new enrollment experience is more convenient … … with a global, open blockchain registry.
  130. 130. Mary can own her proof-of-status and store them in her digital wallet … … which opens up more service possibilities …
  131. 131. A decentralized verifiable credential is carried by the holder on a smart phone or other computing device. The phone does a lot of the work as the holder’s agent.
  132. 132. Organizations now have identities
  133. 133. Organizations now have identities People now have identities
  134. 134. Organizations now have identities People now have identities OPEN STANDARDS FOR IDENTIFIERS & DATA EXCHANGE
  135. 135. ssiscoop.com
  136. 136. Protocol is a language that regulates flow, directs netspace, codes relationships, and connects life forms. It is etiquette for autonomous agents. -Alexander Gallway, Protocol
  137. 137. We must make it right. We must make it happen. …but who is we? …and how do we do it?
  138. 138. We is….
  139. 139. Decentralized Identity Foundation We is….
  140. 140. “everyone” We is….
  141. 141. We must Practice Systems Leadership
  142. 142. We must Practice Systems Leadership Phase 1: See the Larger System
  143. 143. Have an Ecosystem Map
  144. 144. Have an Ecosystem Map ^ upto date
  145. 145. We must Practice Systems Leadership Phase 1: See the Larger System Phase 2: Reflective and Generative Conversation
  146. 146. EMPLOY Systems Leaders Build Self-Organizing Capacity We must Hire good community “managers”catalysts
  147. 147. We must Practice Systems Leadership Phase 1: See the Larger System Phase 2: Reflective and Generative Conversation Phase 3: Co-Create the Future
  148. 148. Coordinate development of common building blocks: Code, Infrastructure, Protocols…. Ship Interoperable Products
  149. 149. Coordinate development of common building blocks: Code, Infrastructure, Protocols…. Ship Interoperable Products Work towards alignment, not control.
  150. 150. Ask and listen first. Write it down. Put a stake in the ground. Create real-time feedback loops. What does it take to Build Alignment? Remind each other what we’re doing and why.
  151. 151. Alignment is a process. We must set our expectations accordingly, and celebrate each victory along the way.
  152. 152. We will make it right. We will make it happen. Together!
  153. 153. ssiscoop.com Kaliya Young identitywoman.net Internet Identity Workshop

×