Explore the intersection of identity management, government roles and responsibility, and personal control of digital identity. Introduces some of the Linux Foundation work in the Hyperledger Aries Project.
3. Today’s Agenda
1. What is the role of Government?
2. Where does trust fit in?
3. Digital Identity is broken; poor Authorization, Authentication, and Access practices weaken cybersecurity
4. What can be done?
5. How can government play a role?
Let’s dive in
4. How Do Individuals and Governments Fit Together?
Society
Individual
NGO
Academic
Religious
Commercial
Government
5. Economy Acceleration
“As proven in Canada, a digital ID
ecosystem is not only a motor to connect
people, governments and the private
sector in a trusted and transparent way –
but it also accelerates participation in the
economy, work and mobility”
—Vidya ShankarNarayan, Assistant Deputy Minister
and CIO, Agriculture and Agri-Food Canada and
previously Director General, Digital Government
Source: https://www.weforum.org/agenda/2021/01/davos-agenda-digital-identity-frameworks
6. The Why
McKinsey - Digital identification: A key to inclusive growth
• https://www.mckinsey.com/business-functions/mckinsey-digital/our-insights/digital-identification-a-key-to-inclusive-growth
7. McKinsey – Economic Value
Follow the money
“In 2030, digital ID has the
potential to create economic
value equivalent to 6 percent of
GDP in emerging economies
on a per-country basis and 3
percent in mature economies,
assuming high levels of
adoption”
Source: https://www.mckinsey.com/business-functions/mckinsey-digital/our-insights/digital-identification-a-key-to-inclusive-growth
8. What is the Role and Authority of Government?
Rights of Government and of Citizens
Foundation Principles from mid-17th-century philosopher John Locke
Life, Liberty and the Pursuit of …?
Happiness? Property?
Privacy, Security, and Confidentiality
Protections
Source: https://www.earlymoderntexts.com/assets/pdfs/locke1689a.pdf
9. What Services does the Government Provide?
How many services
require identity?
Source: https://www.usa.gov/
11. How do Governments interact with Individuals?
Privacy Warning
Who are you?
What are you?
Where are you?
How Are You?
12. Primary Government Roles in Identity
• 01: Issue Proof Documents, Permissions and Authorizations and Promote Standards
• 02: Secure and Validate Credentials and Claims
• 03: Record Certain Life Events
• 04: Confirm Access to Benefits and Entitlements
• 05: Establish Trust in Proofs and Claims while Protecting Privacy
13. Establishing Trust
How do we make trust decisions?
Technology
• Is it a legitimate representation?
Governance
• Is the source of the representation trustworthy?
• Where does their authority come from?
• Do they have trusted processes?
Source: https://trustoverip.org/wp-content/uploads/sites/98/2020/05/toip_050520_primer.pdf
14. Government Case Study
Government issues many types of permissions and authorizations
Foundational Issuances
• Birth, Death Certificates
• Legal Entities Registrations
• Land Registration
Hundreds of others grounded in foundational credentials
• Health, Drivers Licenses, Education, Social Services, etc.
• Business licensing, Natural Resources, Climate, etc.
Economy is underpinned by Government
Source: https://trustoverip.org/wp-content/uploads/sites/98/2020/05/toip_050520_primer.pdf
15. The Trust Machine
The blockchain lets people
who have no particular
confidence in each other
collaborate without having to
go through a neutral central
authority. Simply put, it is a
machine for creating trust.
Source: https://www.economist.com/leaders/2015/10/31/the-trust-machine
16. Government Attempts – Old Challenges
Government Service Delivery
Many efforts, over the years, to find a way to deliver a
simple approach for businesses faced with a
multiservice/jurisdiction journey
• None have succeeded at any scale (more than a few
services)
• Economy and Government services are constantly
changing
• Our governance model is aligned to In-Person trust
All these services have one thing in
common …
Source: https://trustoverip.org/wp-content/uploads/sites/98/2020/05/toip_050520_primer.pdf
18. Self-sovereign identity (SSI): The true password killer
How can we make security more convenient?
• While SSO and 2FA are great improvements over traditional,
centralized usernames and passwords, they still don’t let us have our
cake and eat it too — that is, they don’t give us both security and
convenience.
• But there’s an emerging technology that does. It’s called self-
sovereign identity (SSI).
Source: https://www.securitymagazine.com/articles/93356-self-sovereign-identity-the-true-password-killer
19. Self Sovereign Identity (SSI) Credential Flow
The How
[Figure: Self-sovereign identity in the context of data protection and privacy (yourstory.com)]
Government Roles:
• Government issues, holds and verifies credentials and claims
• SSI allows cryptographic integrity
20. OrgBook BC
A success story
• https://orgbook.gov.bc.ca/en/home
About OrgBook BC
This new service uses cutting-edge
blockchain-based technology, which
provides the foundation to help BC move to
a digital economy.
OrgBook BC supports our goal to streamline
and modernize services for British
Columbians as part of our broader Digital
Government Strategy.
21. How Can I get involved?
Linux Foundation Identity
• https://courses.edx.org/courses/course-v1:LinuxFoundationX+LFS172x+3T2019/course/
• https://training.linuxfoundation.org/
• https://www.linuxfoundation.org/
22. Call to Action
• Think about control and ownership of identity and how it can enhance your cybersecurity footprint
• Demand to know where your personal information is going and how it is stored
• Find out what your identity information is being used for
• Learn more about identity tools and processes including Self Sovereign Identity
26. Self Sovereign Identity implementations
• Just a few of the SSI implementations that were launched in 2020 or are pending launch
in early 2021 include:
• IATA Travel Pass will be the first verifiable credential capable of providing proof of
COVID-19 test and vaccination status at airports around the world,
• NHS Staff Passport is the first portable digital identity credential for doctors and nurses
in one of the largest public healthcare networks in the world,
• GLEIF (the Global Legal Entity Identifier Foundation), based in Switzerland and the only
global online source that provides open, standardized and high quality legal entity
reference data, is committed to following the SSI model for digital identity credentials
for companies.
• SSI4DE, co-funded by the German Federal Ministry of Economic Affairs, supports
showcases for secure digital identities in Germany, and Chancellor Angela Merkel
declared digital identity as a priority matter during December 2020.
• CULedger MemberPass brings SSI to financial services with Credit Union customer
identity verification,
• Farmer Connect is realizing its vision to “Humanize consumption through technology” by
enabling and empowering individual coffee farmers to more easily work with global
enterprises, and reducing costs and inefficiencies for large companies to work directly
with small and often remote farmers.
• Lumedic Exchange is the first network designed exclusively for patient-centric exchange
of healthcare data using SSI-based verifiable credentials.
Source: https://sovrin.org/2020-how-ssi-went-mainstream/
29. More Information
https://sovrin.org/developers/
Video: The Sovrin Network - Making Self-Sovereign Identity a Reality
• https://vimeo.com/305420834
Trust over IP
• https://wiki.trustoverip.org/display/HOME/Trust+Over+IP+Foundation
Books
• https://www.manning.com/books/self-sovereign-identity
• https://www.anthempress.com/the-domains-of-identity-pb
Courses
• https://digitaldefynd.com/best-hyperledger-fabric-courses/
30. Digital Identification and Authentication Council of Canada - DIACC
• Interoperability: Digital Identity You Can Use
• The DIACC is committed to unlocking economic
opportunities for Canadian consumers, and businesses by
providing the framework to develop a robust, secure,
scalable and privacy-enhancing digital identification and
authentication ecosystem that will decrease costs for
everyone while improving service delivery and driving GDP
growth.
• The DIACC Trust Framework Expert Committee (TFEC)
represents a diversity of public and private sector
stakeholders who collaborate to deliver resources that help
to solve and secure identity including: validated use cases,
standards, model agreements, international alignments, and
informative policy development recommendations.
Source: https://diacc.ca/the-diacc/
31. NIST - Identity and Access Management Roadmap
OMB Policy Memo M-19-17 assigned the Department of
Commerce (NIST) the responsibility to publish and maintain
a roadmap for developing new and updating existing NIST
guidance related to Identity and Access Management (ICAM).
NIST Information Technology Laboratory will publish and update
this Roadmap at the NIST Identity and Access Management
Resource Center. The Roadmap presents milestone activities,
projected activity completion dates by fiscal year quarter, and
explanatory notes for the following activities:
• NIST Special Publication 800-63
• NIST SP 800-63-3 Implementation Resources
• NIST SP 800-63A and SP 800-63B Conformance Criteria
• NIST Special Publication 800-63 Revision 4
• Personal Identity Verification (PIV) Guidance (FIPS 201 Revision 3)
• NCCOE Identity Projects
Source: https://www.nist.gov/topics/identity-access-management/identity-and-access-management-roadmap
34. GreenLight Orgbook
This new service is a decentralized
workflow application - a mapping tool - that helps
you navigate the sometimes tricky license and
permit process. It uses cutting-edge blockchain
technology to show you not only the steps to
getting your permit or license, but more
importantly, the interdependencies that might be
involved. Using a colour-coded flow diagram,
GreenLight helps you build up the credentials you
need to get the "green light" to operate!
Source: https://dev-greenlight.orgbook.gov.bc.ca/
35. Estonia Already Lives Online
Once they’re in the system, Estonians don’t
need to fill out forms, thanks to the country’s
“once-only” rule, which mandates that the
government is allowed to ask for any given
piece of information only one time.
Authenticated digital signatures are also more
secure than their handwritten counterparts, a
source of bemusement to Estonians, who
“think it’s crazy that much of the world still
signs with a pen,”
Source: https://www.theatlantic.com/international/archive/2020/05/estonia-america-congress-online-pandemic/612034/
36. Connection Points – World Economic Forum
Source: https://intelligence.weforum.org/topics/a1G0X000005JJGcUAO?tab=publications
38. Tell Us Once - UK Government
Availability:
• Not released
Published by:
• Department for Work and Pensions
Last updated:
• 12 December 2013
Topic:
• Society
License:
• None
Summary
• Tell Us Once is a service which allows people to report a birth or
death to most government organizations in one go.
• The Tell Us Once Database records details of the life event and the
information recorded can include the data of birth or death, Names,
National Insurance Number, Driving License and Passport details.
• Information is held for a maximum of 35 days then deleted.
Source: https://data.gov.uk/dataset/fb4b924c-7a42-433a-8280-78a924a00a94/tell-us-once
40. Don Lovett
Bio
Mr. Lovett is a Business and Technology Leader who is passionate about
the promise of Sovereign Identity. He recently served as the Chief
Information Officer (CIO) in the Office of Contracting and Procurement
Agency, which annually procures $5.7 billion of goods and services for the
District of Columbia Government. In this leadership role, he activated a
digital transformation strategy with a focus on linking improvements in data
accuracy, security, accessibility, and transparency to improvements in
customer experience.
Mr. Lovett was the Founder and Principal Consultant at ProjectBits
Consulting, where he provided Public Sector, Hi-Tech, Telecom, Financial
Services, Manufacturing, and Distribution clients with business and
technology solutions and advice. Before that, he had a decade-long career
at KPMG where he was admitted to the Partnership.
Mr. Lovett has a Master’s Degree in Business Administration (MBA) from
the University of Houston and a Bachelor’s in Accounting from the
University of Houston. He served as an affiliate faculty member at Regis
University for 5 years teaching graduate-level students in organizational
and operational aspects of project management. He has earned graduate-
level certificates in Software Engineering from the University of Texas and
Telecommunications Management from the University of Dallas. He also
holds SSCP, CSM, and PMP designations.
Don Lovett
don@projectbits.com
703-434-1660 Mobile
https://www.linkedin.com/in/donlovett/