What is self-sovereign identity?
SURF has been researching self-sovereign identity (SSI) for several years. We look at aspects such as applicability, functionality, technology and privacy. We also look at the use and legal aspects. We use this knowledge to support educational institutions in their IAM development and to improve SURF's services.
New paradigm in identity management
Self-sovereign identity (SSI) is a new paradigm in identity management. An important difference with existing identity management ecosystems, such as Federated Identity Management, for example SURFconext, is that users have more control over the use of their personal data.
How does self-sovereign identity work?
In the SSI model, the source holder, for example an educational institution, gives data ('credentials') to the user, who can store them in a wallet. This wallet is usually an application on the user's cell phone. When a user wants to use a service, the service asks the user for a certain proof, for example that the user is a student. The user chooses to release this to the service - via his phone.
Important tool in directing one's own data
Policy makers in various sectors increasingly regard SSI as an important means of giving users more control over their own data while maintaining privacy. This is visible at the national and European level, for example in the new eIDAS regulation. eIDAS is a login option intended for European citizens and businesses that want to log in to Dutch services with their national authentication tool, so without DigiD or eHerkenning.
Research into self-sovereign identity
SURF has therefore been researching SSI for several years. We are looking at aspects such as the applicability of practical examples, maturity, the impact on educational institutions, functionality (what can you do with it, the relationship with the existing IAM landscape), technology (how does it work, what technical standards), and privacy and legal issues. We use the knowledge we have gained to support the educational institutions in their IAM development and to improve SURF's services.
The activities that SURF performs are inspired by use cases provided by the institutions and technical innovation from SURF Trust and Identity, with the aim of using this knowledge to develop services such as edubadges and eduID. In doing so, we follow developments within Europe and collaborate nationally and internationally.