What is Decentralized Identity? + Digital ID Fundamentals.

4 minute read

What is Decentralized ID?

The essence of Decentralized-ID is in creating open standards for a privacy preserving internet-wide identity layer — not owned by any one particular organization, but interoperable between all.

It’s impossible to have a conversation about decentralized-id without discussing blockchain, self sovereign identity, standardization and frameworks, along with global privacy and digital identifiction regulations:

  • Cryptographers, privacy advocates and digital identity enthusiasts laid the foundation by deeply considering the implications of identification practices in the electronic world.
  • The European Union’s GDPR enlarged the global conversation around digital privacy practices, lending much weight to the SSI credo.
  • The United Nations Sustainable Development Goals (SDGs) have also fueled efforts towards a global and widely accessible identity solution.
  • The Blockchain industry exploded around Bitcoin, proving the concept of digital scarcity, in the form of a decentralized peer-to-peer (P2P) currency.
  • Decentralized web and P2P technologists also lend strength to Decentralized Identity efforts.
  • Collectively arrived at solutions are trending towards congruence with the spirit of innovation, privacy concerns, and compliance within the global regulatory landscape.

Getting Started with Decentralized ID

A Primer on Decentralized Identity

Blockchain technology has changed the world and has helped society enact radical changes, especially when it comes to privacy and identity. Decentralized identity (DID) redefines the way we share, control, and access our personal information. In short, it gives power back to the people when it comes to identity. The Laws of Identity The Internet was created without any way to identify the people who used it. The Internet was a network of machines. Consequently, all the identity in Internet protocols is designed to identify machines and services. People used the Internet through some institution (their company or university) and were part of that institution’s administrative identity system. This can still be seen in the format of email addresses that identify both recipient and sender as someone@someplace. As the Internet grew to include people who weren’t formally associated with an institution, every Web site and service created their own administrative identity domains. The result is the fractured plethora of identifiers, policies, and user experiences that constitute digital identity in 2019.

Identity: The Elephant in the Enterprise Blockchain Room

The adoption of permissioned blockchain technologies in the enterprise is a road full of challenges. The so called Web3 stack based on decentralized ledgers is still fundamentally immature to enable sophisticated enterprise business processes. Among the building blocks missing from enterprise blockchain platforms, identity raises to the top of the list as one of the omnipresent challenges of this new generation of enterprise solutions. At Invector Labs, we are regularly faced with the challenges of enabling identity management capabilities in permissioned blockchain solutions. As a result, we have developed certain ideas of the key capabilities and models of an identity layer for enterprise blockchain solutions which I would like to outline in this article.

The Case for Decentralized Identity

We cannot decentralize many interesting systems without also decentralizing the identity systems upon which they rely. We’re finally in a position to create truly decentralized systems for digital identity.

Decentralized Identity: An alternative to password-based authentication

Digital Identity Fundamentals

  • What is Digital Identity?

    The Sapir–Whorf Hypothesis, also known as the principle of linguistic relativity, posits that language constructs our reality and worldview. While the hypothesis has been contested over the years, language is unarguably fundamental to the models of the world we build in our heads — and in our systems.

  • Difference Between Authentication and Authorization

    The identity of a person is assured by authentication. On the other hand, authorization checks the access list that the authenticated person has. In other words, the authorization includes the permissions that a person has given.

  • IDPro Member Presentations - Identiverse 2019 - playlist
    • 2019 - Introduction to Identity Part 1 - Identiverse - slideshare

      This workshop — provided by IDPro — will provide a comprehensive (and fun) introductory view of the identity world that will give participants a solid understanding of IAM’s foundations. Part 1 of this 2-part class begins with the basics like directories, identity proofing, provisioning, authentication (including multi-factor), authorization, as well as federation technologies like SAML, OAuth, and OpenID Connect. In Part 2, we build on those foundational technologies to explain PKI & digital certificates, privileged access management, identity for IoT, identity assurance, privacy issues, identity standards organizations, and even known attack vectors.

    • Introduction to Identity Part 2 - June 25 - Identiverse 2019
    • Modern Identity for Developers 101 - June 25 - Identiverse 2019

      Modern identity promises to solve some of the thorniest problems that historically plagued handling authentication and access control in applications. That sounds great in theory, but how do thinks really look like when the rubber hits the road – what does it take to incorporate modern identity in your applications development practice? Come to this session to learn the basis of modern identity development and be better equipped to understand and participate to the session in this year’s Identiverse development track.

    • An Introduction to Mobile Identity - June 25 - Identiverse 2019