Trusted identity

Self-sovereign identity: Our recent activity as a Sovrin Steward

Share this post:

During the most recent Internet Identity Workshop, IBM announced our entrance into the decentralized identity arena by joining the Sovrin Foundation. The days that followed have been busy and exciting, and highlighted by both IBM and community milestones.

Developer enablement

To help developers get acquainted with The Linux Foundation’s Hyperledger Indy concepts we contributed two GitHub repositories to allow for the quick and easy creation of turnkey Docker-based exploratory sandboxes:

  • Indy Basics: A devOps tutorial that can be used to gather hands-on experience with self-sovereign identity (SSI) and verifiable credentials (VC) using a command-line interface to drive the Faber College scenario outlined in the Indy Getting Started Guide.
  • Indy World: A demo package that provides a web-based interface for the Faber College scenario to explore how credentials can be used in a decentralized identity ecosystem to perform know your customer (KYC).

Our Indy World contribution also highlights the applicability of the collaborative Verifiable Organizations Network (VON) contribution from several Canadian Government agencies (Province of British Columbia, Public Services and Procurement Canada, and the Government of Ontario). The VON contribution provides a bootstrap for your early journey with SSI and VC and was created as a way for organizations to establish trusted, interoperable and secure digital transactions with the government. It provides a set of application program interface (API) wrappers around the more complex primitives offered in Indy.

Let’s solve digital identity together

Concept maturation

We have also been busy participating in community workgroups focused on several of the evolving components of the Sovrin Network. The Sovrin Trust Framework is entering its second version update and we have several early instances, CULedger and the Information Trust Exchange, that will help us establish a repetitive methodology to aid others who desire to establish domain specific trust frameworks. The intent of the native Sovrin Token is to align the incentives of the stakeholders in a global network for verifiable digital credentials.

There are several reasons for a native token and I will address them in detail in a future article. For now, I urge readers to consider the challenges of balancing open access to the Sovrin public ledger while mitigating the risks of spam and DDoS attacks. Sovrin can offer open, trustless access by setting the fees for writes high enough to discourage abuse of the network while at the same time keeping fees as low as possible for anyone following the Sovrin Web of Trust model. The goal of course is ensuring identity for all and enabling the promise of ID2020.

Given the leadership of IBM in demonstrating the value of blockchain to supply chain and asset provenance business problems, I am often asked by clients how the SSI/VC movement will add value to business networks built on the IBM Blockchain Platform. Since our entrance into the Sovrin Foundation, we have assigned resources to explore that very question. We are incubating the applicability of verifiable credentials to IBM Cloud Identity (IDaaS) as an alternative identity verification policy that can be deployed by business networks. We are also  investigating how the Hyperledger Composer Programming Model can benefit from the use of Decentralized Identifiers (DIDs) when assigning identities to business networks and  their participants.

Recent conference highlights

At Consensus 2018, attendees at our conference exhibit booth witnessed several demonstrations depicting how we are planning on delivering on our vision to leverage decentralized identity.

Our Commercial Paper demo depicts how a trading network for short-term unsecured promissory notes issued by companies might be implemented on IBM Blockchain Platform. We have extended the demonstration to provide a glimpse into some of the synergistic benefits of using DIDs during the development and deployment phases of a business network. Once a participant in a Hyperledger Fabric based business network is associated with a DID, participants can then partake in the issuance and verification of verifiable credentials between network peers and also external entities like a regulator in a trading network.  Our enhancements provide early insight into the complementary value between Hyperledger Indy and Hyperledger Fabric.

We also showcased an early integration demonstration of our IBM Watson Financial Crimes Insights engine. Augmenting our existing industry regulatory expertise provided by Promontory, an IBM Company, for KYC processing, this demo uses verifiable credentials as an alternative to third party identity verification services during KYC processing.

Consensus 2018 also provided several highlights for the decentralized identity community. First, I want to applaud our fellow Decentralized Identity Foundation (DIF) member, Microsoft, for their presentation and live demonstration of DID interoperability. The DIF and Sovrin communities collectively recognize the importance of showing how the decentralized identity movement is ready for evaluation today. Microsoft’s industry update at Consensus 2018 delivered three key community beliefs:

  • We must work together to ensure that the entire world population of 7.6 billion will have an equal opportunity to lifetime portable identity.
  • Success in this endeavor will demand a seamless user experience that is intuitive, efficient and scalable.
  • Interoperability is paramount for success and depends heavily on a robust and active standards and open source software community.

Secondly, as an ambassador for DIF, IBM is proud to recognize our newest member, SecureKey, who has joined DIF to help advance interoperability standards between heterogenous digital identity networks.

It has been an exciting few weeks, I wonder what’s next for us.

Contact an IBM Blockchain Trusted Identity expert today

DE / CTO Trusted Identity, Blockchain Technologies - IBM Industry Platform

More Trusted identity stories

The internet’s next step: The era of digital credentials

Imagine being able to rid your wallet of a driver’s license, an insurance card, a student or employee ID and more. Imagine not having to worry about losing your passport and vaccination records on a trip abroad, or about the authenticity of the designer shoes you just purchased. This and much more is possible with […]

Continue reading

Automating workplace vaccination verification — a path out of the pandemic

Workplace vaccination mandates are coming for employers. In the United States, The Department of Labor’s Occupational Safety and Health Administration (OSHA) recently released a rule on requiring all employers with 100 or more employees to ensure their workforce is fully vaccinated or require any workers who remain unvaccinated to produce a negative test result on […]

Continue reading

Blockchain for trusted security labels

Blockchain makes it possible to securely and at-scale identify and label any subject and object entity with cryptographically verifiable security credentials. When literally everything is labeled with verifiable, authoritative, machine-readable security credentials (such as classification level, access category and others), multi-level security (MLS) systems can enforce mandatory and discretionary access controls and other MLS-specific isolation. […]

Continue reading