Share this post:
Individuals, organizations, and things are not in control of their identity in the digital world. Everything is rooted in usernames and passwords, controlled by identity providers and third parties, creating a much-needed missing layer for identity on the Internet.
At IBM, we have been doing a lot in the decentralized identity space. We’ve done some work over the last few months and as a first step; we are looking to provide services to help establish secure, highly available decentralized identity networks.
What is self-sovereign, or multi-source identity?
Within decentralized identity, self-sovereign identity is a concept where no one but you owns or controls the flow of your identity. Although we lack this in the digital world, we have similar concepts today in the physical world. In the physical world, we have wallets; those wallets contain credentials that have been issued by known, trusted issuers — a birth certificate or driver’s license for example.
When we build relationships with banks, hospitals and other entities, we take these credentials out of our wallet and present them, based on the policy of that relationship — we are not using a username or password. Entities verify us in real time and offer a service, such as creating a bank account, applying for insurance, receiving healthcare and more. As we build more relationships, more credentials are added to our wallets to prove higher and higher levels of identity control. This concept is called multi-source identity, where we build our trust through attestations from relationships we’ve established over time. This isn’t anything new — we do this today, in the physical world.
As we bridge physical world concepts to how we transact more and more in the digital world, we need to rethink how we identify ourselves. To enable this, there are many identity frameworks being established.
One of those new identity frameworks is Sovrin, a global public, permissioned identity utility for exchanging identity more securely. Sovrin establishes a trust framework for point-to-point exchanges of credentials, putting identity owners in control. Sovrin leverages blockchain as the root of trust, through a web of trust to establish secure, trusted relationships. No personally identifiable information (PII) is ever stored on the public ledger.
What IBM has been up to
In 2017 we made a commitment to decentralized identity, seeing the rightful need in putting identity owners in control of their identity. With the emergence of blockchain, new identity models surfaced, creating frameworks for how identity can be exchanged in a new digital era.
On April 2018, IBM joined the Sovrin foundation as a Sovrin Steward. Since then, other peers such as Workday and Cisco have also joined, expressing the need for solving the identity problem. IBM, along with other Sovrin Stewards, operates, performs consensus and more, for the global public identity utility that is the Sovrin network.
At Consensus 2018, we demonstrated how decentralized identity can be leveraged to transform business process workflow, such as know your customer (KYC), when verifying name, address, and, date of birth to reduce fraud and save costs for simple individual bank onboarding. Infusing decentralized identity into vertical solutions, as shown in the demo, provides additional trust in business relationships.
My team at IBM also realize how important education is in this space. As we speak with customers, a lot of our conversations start with understanding decentralized identity and how it works, where blockchain intersects and what it means to be self-sovereign. Using this feedback, we added some details to IBM Blockchain Trusted Identity to provide basic education.
We continue to collaborate with customers, leveraging IBM Design Thinking and are very excited in the passion we see. These sessions serve as market feedback on the product and services we need to build, specifically around:
- Establishing decentralized identity networks
- Participating and exchanging credentials in heterogeneous decentralized identity networks
- Transforming business process workflow with decentralized identity, leveraging Watson AI and industry expertise through Promontory
A solution for Sovrin Stewards
IBM Blockchain Trusted Identity is pleased to announce a closed beta offering for fellow Sovrin Stewards. IBM can help simplify deployment, management and operations for stewards, and provide a highly available, secure environment.
Here is a look at the components to a Sovrin Steward — a validator node and client deployment.
Performs consensus and maintains public ledger
- This is the allocated compute, network and security resources
- Validator nodes can connect to other validator nodes
- Validator can connect to one client at a time
Performs authenticated actions to the public ledger
- Done by invoking validator nodes
- Clients can connect to multiple validator nodes, but one at a time
The validator node gets deployed as part of this offering. The client deployment is simplified so Stewards can locally build and configure their client environment in their development environment of choice.
Steps to deploy a validator and client can be found in the Sovrin Steward Preparation where a lot of these processes have been automated through the Sovrin Steward Service by IBM, with security, availability, rapid provisioning and experience, top of mind.
As part of the Sovrin Trust Framework, Stewards are required to follow technical policies, which require investment in compute and administration resources. The IBM offering takes steward node, monitoring and reporting and SLA components of the trust framework into consideration and automates things like the management, deployment (and others) of Sovrin (Indy) and dependent code to offload those requirements for accepted Stewards.
Global IBM Cloud is leveraged to offer a highly available validator deployment. IBM deploys each validator node with failover capabilities, the broader network benefits as a whole, ensuring high network integrity and availability.
If you are interested in being a Sovrin Steward, start by visiting the Stewards page:
- Review sections 5.2 and 7 of the Sovrin Trust Framework.
- All Sovrin Steward applications must be submitted to the Sovrin Foundation for approval. Visit Sovrin Steward to apply. Contact IBM or Sovrin if you have any questions.
- Follow the steps as part of applying. They will require submission of business and technical readiness to join.
Once approved to join by the foundation, please reach out to our experts to inquire about how you can get access to our Sovrin Steward beta.
Please also connect with me @milan3patel for anything decentralized identity.
Source link https://www.ibm.com/blogs/blockchain/2018/08/ibm-blockchain-trusted-identity-sovrin-steward-closed-beta-offering/