This is the keynote presentation that I gave at MyData 2018. It explains the connection between identity and personal data and tells some of my story of how I began working on identity 15 years ago. It then explains The Domains of Identity, my master's report, and the core components of Self-Sovereign Identity. I conclude by sharing some thoughts on how we work together to build alignment.
The Domains of Identity & Self-Sovereign Identity MyData 2018
1. Kaliya Young
Self-Sovereign Identity
Domains of Identity
+
@ Aug 29, 2018
This presentation includes
slides from the following
Community members:
* Drummond Reed
* Manu Sporny
* Timothy Ruff
* John Jordan & BC Team
2. Kaliya Young
1. The MyData —> Identity Connection
2. How did I begin in Identity?
3. The Domains of Identity - My Masters Report
4. An Overview of Self-Sovereign Identity
5. Conclusion —> Creating Alignment
6. Identity Contexts Are Social
with People, Family, Groups
https://www.flickr.com/photos/houseoflim/409869608 https://www.flickr.com/photos/twiga_swala/2286910386/ https://www.flickr.com/photos/genista/346236490/
7. Identity Contexts are also
Institutional Organizational
https://www.flickr.com/photos/tomsaint/33022263665 https://www.flickr.com/photos/usdagov/9583705941/
9. Key aspects of “identity” in these
contexts are the identifiers that
come with those contexts.
10. Identifiers of many types
* Sports Association Number
* Student Numbers
* Customer Numbers
* Airline Points numbers
* Patient Numbers
* Government ID Number
* Passport
* Names
20. Without control of our identifiers
we can’t have control
over our personal data.
How do we own our own digital
identifiers?
The quest for this is one I have
been on for 15 years
26. Underlying this report is the
assumption that every individual ought
to have the right to control his or
her own online identity. You should be
able to decide what information about
yourself is collected as part of your
digital profile, and of that
information, who has access to
different aspects of it.
27. Certainly, you should be able to read
the complete contents of your own
digital profile at any time. An online
identity should be maintained as a
capability that gives the user many
forms of control. Without flexible
access and control, trust in the
system of federated network identity
will be minimal.
28. A digital profile is not treated [by
corporations who host them] as the
formal extension of the person it
represents. But if this crucial data
about you is not owned by you, what
right do you have to manage its use?
A civil society approach to persistent
identity is a cornerstone of the
Augmented Social Network project.
29. Organizations would have identities
People would have identities
OPEN STANDARDS FOR IDENTIFIERS & DATA EXCHANGE
30. They would be able to connect on their own terms
Each being first class nodes on the network.
87. { “Key”: “Value” }
DID: Decentralized Identifier
DID Document: JSON-LD document describing the entity identified by the DID
Slide credit: Drummond Reed, Sovrin Foundation
88. The standard elements of a DID doc
1. DID (for self-description)
2. Set of public keys (for verification)
3. Set of auth protocols (for authentication)
4. Set of service endpoints (for interaction)
5. Timestamp (for audit history)
6. Signature (for integrity)
Slide credit: Drummond Reed, Sovrin Foundation
89. Example DID Document (Part 1)
{
  "@context": "https://w3id.org/did/v1",
  "id": "did:example:123456789abcdefghi",
  "publicKey": [{
    "id": "did:example:123456789abcdefghi#keys-1",
    "type": "RsaSigningKey2018",
    "owner": "did:example:123456789abcdefghi",
    "publicKeyPem": "-----BEGIN PUBLIC KEY...END PUBLIC KEY-----\r\n"
  }],
  "authentication": [{
    "type": "RsaSignatureAuthentication2018",
    "publicKey": "did:example:123456789abcdefghi#keys-1"
  }],
  "service": [{
    "type": "ExampleService",
    "serviceEndpoint": "https://example.com/endpoint/8377464"
  }],
Slide credit: Drummond Reed, Sovrin Foundation
92. Active DID Method Specs
Method               DID prefix
Sovrin               did:sov:
Bitcoin Reference    did:btcr:
Ethereum uPort       did:uport:
Blockstack           did:stack:
Veres One            did:v1:
IPFS                 did:ipld:
Slide credit: Drummond Reed, Sovrin Foundation
93. A DID Method spec defines…
1. The syntax of the method-specific identifier
2. Any method-specific elements of a DID document
3. The CRUD (Create, Read, Update, Delete) operations on DIDs and DID documents for the target system
Slide credit: Drummond Reed, Sovrin Foundation
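An added example, not taken from the slides or from any DID library: a minimal verifier-side check of a DID document built from the elements on slides 88 to 93. The function names, the simplified DID syntax regex, the use of the slide 92 prefixes as a resolver allow-list and the https requirement are assumptions made for illustration.

```python
import json
import re

# Method names from the prefixes on slide 92, used here as a resolver allow-list.
KNOWN_METHODS = {"sov", "btcr", "uport", "stack", "v1", "ipld"}
# Simplified generic DID syntax (assumption): did:<method>:<method-specific-id>
DID_RE = re.compile(r"^did:([a-z0-9]+):([A-Za-z0-9.\-_:]+)$")

def parse_did(did):
    """Return (method, method_specific_id), or None if the string is not a DID."""
    m = DID_RE.match(did) if isinstance(did, str) else None
    return (m.group(1), m.group(2)) if m else None

def check_did_document(doc):
    """Return a list of findings a verifier should resolve before trusting doc."""
    findings = []
    did = doc.get("id")
    parsed = parse_did(did)
    if parsed is None:
        return ["id is not a syntactically valid DID"]
    if parsed[0] not in KNOWN_METHODS:
        findings.append(f"method '{parsed[0]}' is not on the resolver allow-list")
    keys = {}
    for key in doc.get("publicKey", []):
        kid = key.get("id", "")
        keys[kid] = key
        # A key owned by another DID means that DID can authenticate as this one.
        if key.get("owner") != did:
            findings.append(f"key {kid} is owned by {key.get('owner')}")
    for auth in doc.get("authentication", []):
        ref = auth.get("publicKey")
        # Every authentication entry must point at a key listed in the document.
        if ref not in keys:
            findings.append(f"authentication references unknown key {ref}")
    for svc in doc.get("service", []):
        if not str(svc.get("serviceEndpoint", "")).startswith("https://"):
            findings.append(f"service endpoint is not https: {svc.get('serviceEndpoint')}")
    return findings

# Constructed sample: the fields of slide 89 (Part 1), closed so that it parses.
SAMPLE = json.loads("""{
  "id": "did:example:123456789abcdefghi",
  "publicKey": [{"id": "did:example:123456789abcdefghi#keys-1",
                 "type": "RsaSigningKey2018",
                 "owner": "did:example:123456789abcdefghi"}],
  "authentication": [{"type": "RsaSignatureAuthentication2018",
                      "publicKey": "did:example:123456789abcdefghi#keys-1"}],
  "service": [{"type": "ExampleService",
               "serviceEndpoint": "https://example.com/endpoint/8377464"}]
}""")
```

Calling check_did_document(SAMPLE) reports only that the placeholder method "example" is not on the allow-list; the key, authentication and service checks pass.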
96. [Diagram: ISSUER, WALLET and VERIFIER as Identifier Owners; Edge Layer with WALLETs; Cloud Layer with Agent/Hubs; Secure Communication Channel with PKI; Shared Ledger or other Immutable Data Store (IPFS, BTCR)]
97. [Diagram: ISSUER, WALLET and VERIFIER as Identifier Owners; Edge Layer with WALLETs; Cloud Layer with Agent/Hubs; Secure Communication Channel with PKI; Shared Ledger or other Immutable Data Store (IPFS, BTCR)]
132. Paper documents are cumbersome as
proof of legal compliance and permission.
135. This journey involves multiple sources … and modes of service delivery.
* Province: incorporation
* Regional health authority: permit
* Municipality: business license
136. STEP 12
All of this activity
is a major burden
for all involved.
137. What if … businesses could provide verifiable proofs
about qualifications when transacting online?
Mary owns this proof-of-status for her business
Certificate issued, Certificate shared, Certificate verified
138. The credential definition is created and published
on the blockchain (ledger) by an issuer.
[Diagram labels: DEFINITION, LEDGER, ISSUER]
142. Welcome to
British Columbia’s
verifiable organizations.
TheOrgBook fills that role and unlocks
the hidden value of BC Registries data.
Registration, permit, and license services
can plug into incorporated businesses.
144. MARY OLIVIERA
The new enrollment experience
is more convenient …
… with a global, open
blockchain registry.
145. Mary can own her proof-of-status and
store them in her digital wallet …
… which opens up more
service possibilities …
146. A decentralized verifiable credential is carried by
the holder on a smart phone or other computing
device.
The phone does
a lot of the work
as the holder’s
agent.
151. Protocol is a language that regulates flow,
directs netspace, codes relationships, and
connects life forms. It is etiquette for
autonomous agents. -Alexander Galloway, Protocol
152. We must make it right.
We must make it happen.
…but who is we?
…and how do we do it?
164. Coordinate development of
common building blocks:
Code, Infrastructure, Protocols….
Ship Interoperable Products
Work towards alignment,
not control.
165. Ask and listen first.
Write it down.
Put a stake in the ground.
Create real-time feedback loops.
What does it take to Build Alignment?
Remind each other what we’re doing and why.
166. Alignment is a process.
We must set our expectations
accordingly, and celebrate
each victory along the way.
167. We will make it right.
We will make it happen.
Together!