What are you looking for?

Driving innovation together
Self-sovereign identity
Self-sovereign identity (SSI) is a new paradigm in identity management. SURF has been researching it for several years. We look at aspects such as applicability, functionality, technology and privacy. Read more about SSI and what we are doing and have already done here.
student met laptop - Kees Rutten

The power of self-sovereign identity is that users are in control: they decide for themselves with whom they share their data. This fits seamlessly with the public value of autonomy, which is why we think SSI is such an important theme at SURF.

Foto Niels van Dijk

Niels van Dijk

+31 88 787 30 00
niels.vandijk@surf.nl

What is self-sovereign identity?

SURF has been researching self-sovereign identity (SSI) for several years. We look at aspects such as applicability, functionality, technology and privacy. In addition, usage and legal aspects also have our attention. With this knowledge, we support educational institutions in their IAM development and improve SURF's services.

New paradigm in identity management

Self-sovereign identity (SSI) is a new paradigm in identity management. Important difference from existing identity management ecosystems, such as Federated Identity Management, e.g. SURFconext, is that users have more control over the use of their personal data.

How does self-sovereign identity work?

In the SSI model, the source holder, e.g. an educational institution, gives data ('credentials') to the user, who can store them in a wallet. This wallet is usually an application on the user's mobile phone. When a user wants to purchase a service, this service asks the user for a certain proof, e.g. that the user is a student. The user himself chooses to release this to the service - via his phone.

Importanttool in control of own data

Policymakers in various sectors increasingly see SSI as an important means of giving users more control over their own data while maintaining privacy. This is visible at national and European level, including in the new eIDAS regulation. eIDAS is a login option intended for European citizens and companies who want to log in to Dutch services with their national authentication means, i.e. without DigiD or eHerkenning.

Research into self-sovereign identity

SURF has therefore been researching SSI for several years. We look at aspects such as applicability of practical examples, maturity, impact on educational institutions, functionality (what can you do with it, relationship with the existing IAM landscape), technology (how does it work, which technical standards) and privacy and legal issues. With the accumulated knowledge, we support educational institutions in their IAM development and can improve SURF services.

The activities SURF carries out are inspired by use cases from the institutions and technical innovation from SURF Trust and Identity with the aim of using this knowledge in service development such as edubadges and eduID. In doing so, we follow developments within Europe and cooperate nationally and internationally.