MACHINE IDENTITY
Decentralized Identifiers & Verifiable Credentials for
Trust & Interoperability in the Internet of Things
Mrinal Wadhwa
CTO @ Ockam
@mrinal
This presentation is released under a Creative Commons license. (CC BY-SA 4.0).
SSIMeetup.org
SSIMeetup objectives
1. Empower global SSI communities
2. Open to everyone interested in SSI
3. All content is shared with CC BY SA
Alex Preukschat @SSIMeetup @AlexPreukschat
Coordinating Node SSIMeetup.org
https://creativecommons.org/licenses/by-sa/4.0/
I’m passionate about building systems where connected machines come together with intelligent algorithms to improve our lives.
AUTONOMOUS SYSTEMS
PLUMBING
But I spend most of my days doing what is best described as - digital plumbing.
IF A PERSON ENTERS A ROOM
CHANGE ROOM TEMPERATURE
TO THEIR PREFERENCE.
To illustrate, let’s think about how we may build this extremely simple autonomous system.
IF A PERSON ENTERS A ROOM
CHANGE ROOM TEMPERATURE
TO THEIR PREFERENCE.
How do we identify a person?
How do we authenticate them?
IF A PERSON ENTERS A ROOM
CHANGE ROOM TEMPERATURE
TO THEIR PREFERENCE.
How do we know they entered?
With a device?
How do we identify the device?
How do we authenticate the device?
Can we trust it?
IF A PERSON ENTERS A ROOM
CHANGE ROOM TEMPERATURE
TO THEIR PREFERENCE.
How do we identify a room?
Which people are authorized to
change this room’s temperature?
IF A PERSON ENTERS A ROOM
CHANGE ROOM TEMPERATURE
TO THEIR PREFERENCE.
How do we change temperature?
With a device?
How do we identify the device?
How do we authenticate the device?
Can we trust it?
IF A PERSON ENTERS A ROOM
CHANGE ROOM TEMPERATURE
TO THEIR PREFERENCE.
What is room temperature?
Is it called temp, temperature or T?
Is it set in °C, °F or some other unit?
IF A PERSON ENTERS A ROOM
CHANGE ROOM TEMPERATURE
TO THEIR PREFERENCE.
How do we know their preferred temperature?
Is it called temp, temperature or T?
Is it set in °C, °F or some other unit?
IF A PERSON ENTERS A ROOM
CHANGE ROOM TEMPERATURE
TO THEIR PREFERENCE.
How do we identify a person?
How do we authenticate them?
How do we know they entered?
With a device?
How do we identify the device?
How do we authenticate the device?
Can we trust it?
How do we identify a room?
Which people are authorized to
change this room’s temperature?
How do we change temperature?
With a device?
How do we identify the device?
How do we authenticate the device?
Can we trust it?
How do we know their preferred temperature?
Is it called temp, temperature or T?
Is it set in °C, °F or some other unit?
What is room temperature?
Is it called temp, temperature or T?
Is it set in °C, °F or some other unit?
IF A PERSON ENTERS A ROOM
CHANGE ROOM TEMPERATURE
TO THEIR PREFERENCE.
This seems hard, surely someone else has already built it.
Found one with a quick Google search, but it only works with Nest and IFTTT; our hardware is different :(
IF A PERSON ENTERS A ROOM
CHANGE ROOM TEMPERATURE
TO THEIR PREFERENCE.
1000s of People Identity Systems
Google, Facebook, Apple, Active Directory,
Custom Apps etc.
1000s of phones, motion sensors, RFID reader etc.
100s of IoT platforms, proprietary systems etc.
100s of building management
systems and custom apps etc.
1000s of HVAC systems, Thermostats etc.
1000s of custom apps.
IF A PERSON ENTERS A ROOM
CHANGE ROOM TEMPERATURE
TO THEIR PREFERENCE.
Also, this problem statement isn’t general enough; we like to write reusable code.
IF A SHIPMENT ENTERS A CONTAINER
CHANGE CONTAINER TEMPERATURE TO
IDEAL TEMPERATURE OF SHIPMENT.
IF AN ENTITY THAT HAS PREFERENCES,
IS DETECTED AS HAVING ENTERED AN AREA THAT CAN APPLY PREFERENCES
APPLY ALL ENTITY PREFERENCES THAT THE AREA CAN APPLY
THAT THIS ENTITY IS AUTHORIZED TO APPLY TO THIS AREA.
PLUMBING
Most IoT developers spend most of their time dealing with this complicated plumbing; the magic is rare.
SCALABILITY
SECURITY
PRIVACY
TRUST
RELIABILITY
All this plumbing complexity manifests as weaknesses in other key architectural requirements.
BUILDING BLOCKS
Decentralized Identifiers (DIDs)
Knowledge Graphs
Semantic, Linked Data
Linked Data Signatures
Linked Data Proofs
Cryptography
DID Documents
Verifiable Claims/Credentials
Authorization/Object Capabilities
Authentication
Shared Schemas & Ontologies
Blockchains
DECENTRALIZED IDENTIFIERS
did:ockam:2QyqWz4xWB5o4Pr9G9fcZjXTE2ej5
SCHEME: did
METHOD: ockam
METHOD SPECIFIC UNIQUE STRING: 2QyqWz4xWB5o4Pr9G9fcZjXTE2ej5
GLOBALLY RESOLVABLE
If you have a DID string, you can resolve it to its DID Document via its Method.
Older ID schemes did not have this property of global uniqueness/resolvability across systems.
This breaks silos.
ACCESS CONTROL ALGORITHM
Device Identity: did:ockam:2QyqWz4xWB5o4Pr9G9fcZjXTE2ej5
People Identity: did:sov:2wJPyULfLLnYTEFYzByfUR
did:v1:nym:4jWHwNdrG9-6jd9..
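The DID anatomy and the method-based resolution described on the two slides above, as an added Go example (not code from the presentation, and not the API of the ockam-network/did parser it mentions). ParseDID follows the W3C DID syntax; the resolvers are in-memory stubs, and the did:v1 identifier and the invalid input are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// DID holds the parts labelled on the slide; the scheme is always "did".
type DID struct {
	Method string // e.g. "ockam"
	ID     string // method-specific unique string
}

func (d DID) String() string { return "did:" + d.Method + ":" + d.ID }

func isLowerOrDigit(c byte) bool { return (c >= 'a' && c <= 'z') || (c >= '0' && c <= '9') }

func isHex(c byte) bool {
	return (c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F')
}

func isIDChar(c byte) bool {
	return isLowerOrDigit(c) || (c >= 'A' && c <= 'Z') || c == '.' || c == '-' || c == '_'
}

// ParseDID validates s against the W3C DID syntax and splits it into its parts.
// Only a bare, lowercase-scheme DID is accepted: no path, query or fragment.
func ParseDID(s string) (DID, error) {
	parts := strings.SplitN(s, ":", 3)
	if len(parts) != 3 || parts[0] != "did" || parts[1] == "" {
		return DID{}, errors.New("expected did:<method>:<method-specific-id>")
	}
	method, id := parts[1], parts[2]
	for i := 0; i < len(method); i++ {
		if !isLowerOrDigit(method[i]) {
			return DID{}, fmt.Errorf("invalid character %q in method name", method[i])
		}
	}
	if id == "" || strings.HasSuffix(id, ":") {
		return DID{}, errors.New("method-specific id is empty or ends in ':'")
	}
	for i := 0; i < len(id); i++ {
		c := id[i]
		switch {
		case isIDChar(c) || c == ':':
		case c == '%' && i+2 < len(id) && isHex(id[i+1]) && isHex(id[i+2]):
			i += 2 // skip the two hex digits of a percent-encoded octet
		default:
			return DID{}, fmt.Errorf("invalid character %q in method-specific id", c)
		}
	}
	return DID{Method: method, ID: id}, nil
}

// Resolver returns the DID Document for a parsed DID. Real methods consult a
// ledger or registry; this example uses constructed in-memory stubs.
type Resolver func(DID) (string, error)

// Resolve parses s and dispatches on its method name, so one access-control
// routine can accept identifiers issued by unrelated systems.
func Resolve(resolvers map[string]Resolver, s string) (string, error) {
	d, err := ParseDID(s)
	if err != nil {
		return "", err
	}
	r, ok := resolvers[d.Method]
	if !ok {
		return "", fmt.Errorf("no resolver registered for method %q", d.Method)
	}
	return r(d)
}

// DemoResolvers registers stub resolvers for two of the methods on the slide.
func DemoResolvers() map[string]Resolver {
	stub := func(kind string) Resolver {
		return func(d DID) (string, error) { return kind + " document for " + d.String(), nil }
	}
	return map[string]Resolver{"ockam": stub("device"), "sov": stub("person")}
}

func main() {
	for _, s := range []string{
		"did:ockam:2QyqWz4xWB5o4Pr9G9fcZjXTE2ej5", // from the slide
		"did:sov:2wJPyULfLLnYTEFYzByfUR",          // from the slide
		"did:v1:nym:constructed-id",               // constructed: ':' inside the id
		"did:Ockam:abc",                           // constructed invalid method name
	} {
		doc, err := Resolve(DemoResolvers(), s)
		fmt.Printf("%-42s doc=%q err=%v\n", s, doc, err)
	}
}
```

An unknown method fails closed: the access-control caller gets an error rather than an empty document.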
DID DOCUMENTS
DID Documents are Linked Data documents that describe the DID. They contain the public keys of the DID, authentication methods, services, etc.
CRYPTOGRAPHICALLY PROVABLE
If a device possesses the corresponding private key, it can cryptographically prove its identity.
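One way a verifier can check that a device holds the private key behind its DID, as an added Go example that is not from the presentation: the device signs a single-use challenge and the verifier checks it against the key in the device's DID Document. Ed25519, the in-memory registry standing in for DID resolution, and all type and function names are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// DIDDocument is a minimal constructed stand-in for a DID Document: the DID
// and one Ed25519 authentication key (the key type is this example's choice).
type DIDDocument struct {
	ID             string
	Authentication ed25519.PublicKey
}

// NewDevice generates a key pair on the device and returns the DID Document
// that publishes the public half. The private key never leaves the device.
func NewDevice(did string) (DIDDocument, ed25519.PrivateKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	return DIDDocument{ID: did, Authentication: pub}, priv, err
}

// Verifier resolves DIDs from an in-memory registry (a stand-in for method
// resolution) and remembers which challenges are still outstanding.
type Verifier struct {
	registry map[string]DIDDocument
	pending  map[string]string // nonce -> DID it was issued for
}

func NewVerifier() *Verifier {
	return &Verifier{registry: map[string]DIDDocument{}, pending: map[string]string{}}
}

func (v *Verifier) Register(doc DIDDocument) { v.registry[doc.ID] = doc }

// Challenge issues a fresh random nonce for the DID the peer claims to be.
func (v *Verifier) Challenge(did string) ([]byte, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	v.pending[string(nonce)] = did
	return nonce, nil
}

// transcript binds the signature to a purpose label, the DID and the nonce, so
// a proof cannot be reused for another identity or as a signature over data.
func transcript(did string, nonce []byte) []byte {
	return append([]byte("did-auth-example-v1\x00"+did+"\x00"), nonce...)
}

// Prove runs on the device: sign the verifier's challenge with the private key.
func Prove(priv ed25519.PrivateKey, did string, nonce []byte) []byte {
	return ed25519.Sign(priv, transcript(did, nonce))
}

// Verify checks the proof against the key in the resolved DID Document.
// Each challenge is consumed on first use, so a captured proof cannot be replayed.
func (v *Verifier) Verify(did string, nonce, sig []byte) error {
	issuedFor, ok := v.pending[string(nonce)]
	if !ok || issuedFor != did {
		return errors.New("unknown, already used, or mismatched challenge")
	}
	delete(v.pending, string(nonce))
	doc, ok := v.registry[did]
	if !ok || len(doc.Authentication) != ed25519.PublicKeySize {
		return errors.New("DID does not resolve to a usable key")
	}
	if !ed25519.Verify(doc.Authentication, transcript(did, nonce), sig) {
		return errors.New("signature does not match the key in the DID Document")
	}
	return nil
}

func main() {
	const did = "did:ockam:2QyqWz4xWB5o4Pr9G9fcZjXTE2ej5" // DID from the slide
	doc, priv, err := NewDevice(did)
	if err != nil {
		panic(err)
	}
	v := NewVerifier()
	v.Register(doc)
	nonce, _ := v.Challenge(did)
	sig := Prove(priv, did, nonce)
	fmt.Println("genuine device:", v.Verify(did, nonce, sig))
	fmt.Println("replayed proof:", v.Verify(did, nonce, sig))
}
```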
DECENTRALIZED KEY MANAGEMENT
DEVICE holds: Device secret, Backend public
BACKEND holds: Backend secret, Device public
Device to backend: Sensed Data, Acknowledgements etc.
Backend to device: Control Instructions, Firmware & Configuration updates etc.
SERVICE DISCOVERY
SEMANTIC & LINKED DATA
The progress made by the open web community around Linked Data can be applied to IoT.
This brings semantic meaning and relationships to IoT data …
Instead of describing temperature as a key of my choosing “temperature”, “temp” or “T” …
Let’s describe it with well-defined semantics.
Now, two developers who have never met or coordinated can independently build a
temperature sensor and a controller that can work with each other.
Now this data is about an entity (room) described by the above DID.
VERIFIABLE CLAIMS
SUBJECT
PROPERTY
VALUE
SIGNED BY ISSUER
VERIFIABLE CLAIMS
SUBJECT: ROOM
PROPERTY: TEMPERATURE
VALUE: 70
SIGNED BY ISSUER
VERIFIABLE CLAIMS
WEB OF TRUST
CLAIM:BOM PLM System
CLAIM:Audit Security Auditor
REGISTERED
CLAIM:Firmware-V1 Software Update Service
did:ockam:2QyqWz4xWB5o4Pr9G9fcZjXTE2ej5
CLAIM:Firmware-V2 Software Update Service
CLAIM:Deployed On boarding Service
Key Rotated Device
○ Was the device made by a reputable manufacturer?
○ Does the device have hardware based cryptography and secure key storage?
○ Does the device have unique identity and cryptographic keys?
○ Has the device been audited by a security auditing firm?
○ Is there a signed audit proof?
○ Are there any known vulnerabilities for the device hardware/software?
○ Does the device produce signed data and signed firmware acknowledgements?
○ Does the device have the latest firmware?
○ Who installed the device? Who provisioned the device?
etc.
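The verifiable claim structure and the web-of-trust checklist above, combined in an added Go example (not from the presentation or the Ockam code base): issuers sign subject/property/value claims about a device DID, and a relying party computes which of its requirements remain unmet. The issuer DIDs, the property names, Ed25519, and the JSON encoding standing in for Linked Data signatures are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"fmt"
	"sort"
)

// Claim mirrors the slide: SUBJECT, PROPERTY, VALUE, signed by an ISSUER.
type Claim struct {
	Subject   string `json:"subject"` // DID the claim is about
	Property  string `json:"property"`
	Value     string `json:"value"`
	Issuer    string `json:"issuer"` // DID of the signer
	Signature []byte `json:"-"`      // excluded from the signed bytes
}

// payload returns the signed bytes. encoding/json writes struct fields in
// declaration order, so they are deterministic (a stand-in for canonicalization).
func payload(c Claim) []byte {
	b, _ := json.Marshal(c) // cannot fail for a struct of strings
	return b
}

// Issuer is a hypothetical claim signer holding an Ed25519 key pair.
type Issuer struct {
	DID  string
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewIssuer(did string) Issuer {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return Issuer{DID: did, Pub: pub, priv: priv}
}

func (i Issuer) Issue(subject, property, value string) Claim {
	c := Claim{Subject: subject, Property: property, Value: value, Issuer: i.DID}
	c.Signature = ed25519.Sign(i.priv, payload(c))
	return c
}

// Requirement names the issuer trusted for a property, the key from that
// issuer's DID Document and, if non-empty, the exact value the claim must carry.
type Requirement struct {
	Issuer string
	Key    ed25519.PublicKey
	Value  string
}

// TrustPolicy maps each property a relying party demands to its Requirement.
type TrustPolicy map[string]Requirement

// Missing returns, sorted, the required properties that no valid claim about
// subject satisfies. An empty result means the device meets the policy.
func (p TrustPolicy) Missing(subject string, claims []Claim) []string {
	met := map[string]bool{}
	for _, c := range claims {
		req, needed := p[c.Property]
		if !needed || c.Subject != subject || c.Issuer != req.Issuer ||
			(req.Value != "" && c.Value != req.Value) || len(req.Key) != ed25519.PublicKeySize {
			continue
		}
		if ed25519.Verify(req.Key, payload(c), c.Signature) {
			met[c.Property] = true
		}
	}
	missing := []string{}
	for property := range p {
		if !met[property] {
			missing = append(missing, property)
		}
	}
	sort.Strings(missing)
	return missing
}

func main() {
	device := "did:ockam:2QyqWz4xWB5o4Pr9G9fcZjXTE2ej5" // DID from the slide
	auditor := NewIssuer("did:example:security-auditor") // constructed issuer DIDs
	updater := NewIssuer("did:example:software-update-service")
	policy := TrustPolicy{
		"audit":    {Issuer: auditor.DID, Key: auditor.Pub},
		"firmware": {Issuer: updater.DID, Key: updater.Pub, Value: "V2"},
	}
	claims := []Claim{auditor.Issue(device, "audit", "passed"), updater.Issue(device, "firmware", "V1")}
	fmt.Println("missing with firmware V1:", policy.Missing(device, claims))
}
```

The policy trusts a key per property, so a claim that merely names the auditor's DID as issuer but is signed with another key does not count.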
TRUST ARCHITECTURE
AUTHENTICATION
AUTHORIZATION
https://github.com/ockam-network/ockam
Decentralized Identifiers (DIDs)
Knowledge Graphs
Semantic, Linked Data
Linked Data Signatures
Linked Data Proofs
Cryptography
DID Documents
Verifiable Claims/Credentials
Authorization/Object Capabilities
Authentication
Shared Schemas & Ontologies
Blockchains
Ockam is an open-source collection of tools that makes it simple to build connected solutions with these building blocks.
Hardware Key Storage & Cryptography
Blockchains Light Clients
Battery Efficient Messaging & Transports
Zero Knowledge Proofs
Private Interactions
Secure Zero Touch Onboarding
Bidirectional Signed/Encrypted Data
Signed Firmware & Config Updates
Service & Data format discovery
https://github.com/ockam-network/ockam
We’re also building open tools for several other related capabilities for IoT systems
https://github.com/ockam-network/did
We open sourced a Golang parser for DIDs, give it a try.
@ockam_io
https://ockam.io
Attributions for images used in this deck:
● Robot by Vectors Market from the Noun Project
● pipes by Aleksandr Vector from the Noun Project
● valve by Ben Davis from the Noun Project

Machine identity - DIDs and verifiable credentials for a secure, trustworthy and interoperable IoT - Mrinal Wadhwa
