Technical exploration Ledger-based self-sovereign identity
With self-sovereign identity (SSI), users own their data - instead of the educational institution or the government, for example. They themselves determine what data they share and with whom. What are the technical characteristics, possibilities and challenges of this concept? You can read it in this report.
Users are in control of their data
Self-sovereign identity (SSI) is a new concept in which users are the owners of theirĀ personal data and determineĀ what information they share and with whom. They collect their profile information (e.g. date of birth, diplomas obtained) from multiple authoritative sources (providers, e.g. the Personal Records Database (BRP), DUO) in one digital wallet. They can selectively share this profile information with a recipient (service). This makes the SSI model very attractive from the point of view of privacy and data protection.
Current situation causes limitations and hassle
The current model for an authentication and authorisation infrastructure (AAI) within research and education is based on a federated identity. The institution (identity provider) creates and manages the user's identity. This means, however, that the identity provider (the educational institution) determines how and where the identity may be used.
By definition, this leads to restrictions and hassles: end users must maintain an increasing number of different identities and go through time-consuming processes to prove that they are who they say they are. Furthermore, services have to incur additional costs to reliably re-establish identity and profile information.
Wallet as central proxy
The only scalable way to combine profile information from multiple sources is via a central proxy. But this brings new challenges around availability, security and data protection. By using the end user wallet as a kind of proxy that aggregates all personal data, the SSI model can help avoid many of these problems.
Privacy and data well protected
The SSI model is very attractive from a privacy and data protection point of view. Users have direct control over the release of their personal data. Also, unlike with federated identity, the data exchange does not take place directly between the provider and the recipient, but via the end user's wallet. As a result, a provider cannot see, for example, which services the user logs into, at what time, how often, etc.
Implementation via ledger
The SSI model presents a number of challenges. The most important is that trust must be built up between recipients and providers. To achieve this, SSI introduces the concept of a verifiable data registry, which is typically implemented via a distributed ledger or blockchain. This immutable registry contains all transactions, but not the personal data itself, so that each new transaction is verifiable.
Exploration into the applicability of self-sovereign identity
In this exploration, we examined the (technical) features, standards and implementation of an SSI solution using a blockchain-based verifiable data registry. We also assessed the maturity and usability of a blockchain-based solution by deploying and testing it with other components in the AAI ecosystem, in accordance with use cases we collected.
Conclusions are positive
In general, SSI's privacy-preserving nature, end-user control over the sharing of personal data, and trust model align well with the public values typical of education and research. The platform we used (based on Hyperledger Indy) allowed us to successfully execute all use cases. The platform fulfils the promises of SSI: it is privacy-preserving, scalable and secure. However, the user interaction and interfaces are the weakest part of the ecosystem and will need a lot of attention.
Think and experiment with us
Other sectors, including government and healthcare, are increasingly researching SSI. SURF could also use SSI within various existing services, for example eduID and SURF Research Access Management.
SURF wants to further explore how SSI can play a role in research and education. If you would like to discuss this and participate in the experiment, please send an e-mail to Arnout Terpstra at arnout.terpstra@surf.nl.