Imagine a world in which you always have peace of mind that your personal information is safe. Imagine a world in which your information cannot be shared without your clear, explicit consent at the time of the transaction; where you decide who can access what information, when, and for how long. In this world, you can even later choose to revoke that privilege. You are in control. Every person, organization, or thing can have its own truly-independent digital identity that no other person, company, or government can take away.
Today, we are not in control of our identity. Our personal information lives in centralized repositories outside of our control. Information is often shared without our awareness. On a daily basis, we see stories of security breaches and identity theft that erode our confidence and trust.
At IBM we are focused on leading a global shift to decentralized identity that is built on blockchain technology. Blockchain provides distributed ledger technology as the foundation for decentralized identity. In this solution, trust is not rooted in any single point of control but is shared across participants in a network where each person has varying degrees of permission to view data.
Beyond just the technology, however, we must work as a community to establish standards and evolve regulations to work in a decentralized world.
That is why today we are excited to announce IBM has joined the Decentralized Identity Foundation (DIF) as a complement to our current stewardship in the Hyperledger Project. Today, the Hyperledger Project has also announced that they are joining DIF as we together join like-minded organizations such as Microsoft, Evernym, the Sovrin Foundation, and others who aspire to make the vision of self-sovereign identity a reality.
IBM joined DIF because we believe it will take open community and standards to achieve the vision of self-sovereign identity. For example, members of DIF are focused on the establishment of an open web platform standard within the W3C standards organization called Decentralized Identifier (DID). A DID will provide a standard global resource naming scheme for identity.
There is a global Internet standard for naming resources called a uniform resource identifier or URI. When you type https://www.ibm.com into your browser, a URI ensures you always end up at IBM’s website. Similarly, we need one standard to identify an individual, as well.
In addition to a distributed ledger and global standards, one of the most significant contributions of blockchain based identity management will be to enable verifiable claims. Verifiable claims are tamper-proof, cryptographic statements of truth. For example, let’s say “Sam” is applying for a car loan with “Acme Bank.” The Bank needs to know that Sam is trusted and can afford the car. Today, he would fill out a loan application and provide his personal information. In the new world of self-sovereign identity, this is no longer necessary. If Sam’s employer is a provider of verifiable claims in the blockchain identity network, the employer can attest that Sam is employed with them and makes more than $50,000 a year.
Since he does business with three other banks and these banks are also providers on the network, he can give consent for his employers and the three banks to validate his claim with Acme Bank. Acme can issue a new loan to Sam with minimal information all shared with Sam’s explicit consent. Using this process not all personal information needs to be shared, such as his exact salary, instead, the network validates that it is above a certain threshold.
Today, we are at a transformative juncture in personal identity made possible by blockchain and open standards through the work of organizations like DIF and the Hyperledger Project. IBM is already pioneering new digital identity and attribute sharing networks built on open standards through our partnership with SecureKey.
We are currently piloting a network in Canada designed to make it easier for consumers to verify they are who they say they are, in a privacy-enhanced, secure and more efficient way using the IBM Blockchain Platform.
Blockchain makes it possible to securely and at-scale identify and label any subject and object entity with cryptographically verifiable security credentials. When literally everything is labeled with verifiable, authoritative, machine-readable security credentials (such as classification level, access category and others), multi-level security (MLS) systems can enforce mandatory and discretionary access controls and other MLS-specific isolation. […]
To successfully plan and execute today’s complex military operations in defense of a nation’s interests requires timely, accurate, trusted and unambiguous communications up, down, and across an extended chain-of-command spanning multi-national air, ground, sea, space and cyber forces. Blockchain can facilitate and accelerate these multi-domain command and control (MDC2) operations by providing assured, cross-domain digital […]
Identity and control of personal identity is top of mind, given recent events as well as the European Union’s General Data Protection Regulation (GDPR). A lot of our identity is shared without our explicit consent, gets stored in locations we are unaware of, and when compromised creates tremendous setbacks. Almost everything we do in the […]