Taking an Identity Selfie – Self-Sovereign Identity and the Blockchain
In the early 2000s, there was a lot of work around defining what digital identity was and how it could be used in a connected digital world. In 2005, Kim Cameron of Microsoft came up with a set of laws for a digital identity metasystem. He named them the “Laws of Identity.” Within the remit of these laws were some key ideas that outlined the tenets of “user-centric,” privacy-enhanced digital identity for all. These concepts, which focus on user-control, are behind the movement of self-sovereign identity.
Digital identity has come a long way since then. Identity Access Management (IAM) was once the preserve of the enterprise and controlled within the closed environment of the enterprise perimeter. Then the perimeter was smashed by hyperconnectivity and cloud computing, and then along came the ubiquitous consumer use of the Internet. In the midst of all of this, cybersecurity threats took hold and forced focus onto the protection of the very data that made up digital identity. All of these things changed the technical requirements of IAM systems, forever.
Whilst more traditional IAM systems morph to accommodate the new era of identity, a movement known as self-sovereign identity (SSI) is afoot in the digital identity space
A Quick Overview of Self-Sovereign Identity
Before I begin to dig into the weeds of self-sovereignty and its applicability to modern identity, I’ll give a quick overview of what it actually is — in a nutshell.
Self-sovereign identity is a system that utilizes a blockchain to manage a person’s digital identity and the attributes that it comprises. It is different from a traditional database-linked identity because blockchain is decentralized.
It is this decentralization of identity that is the key differentiator of self-sovereign identity. The attributes, or claims, that a user has that make up their digital identity (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Susan Morrow. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/dgpwbkBlSrs/