Book description
In a world of changing privacy regulations, identity theft, and online anonymity, identity is a precious and complex concept. Self-Sovereign Identity (SSI) is a set of technologies that move control of digital identity from third party “identity providers” directly to individuals, and it promises to be one of the most important trends for the coming decades. Now in Self-Sovereign Identity, privacy and personal data experts Drummond Reed and Alex Preukschat lay out a roadmap for a future of personal sovereignty powered by the Blockchain and cryptography. Cutting through the technical jargon with dozens of practical use cases from experts across all major industries, it presents a clear and compelling argument for why SSI is a paradigm shift, and shows how you can be ready to be prepared for it.About the Technology
Trust on the internet is at an all-time low. Large corporations and institutions control our personal data because we’ve never had a simple, safe, strong way to prove who we are online. Self-sovereign identity (SSI) changes all that.
About the Book
In Self-Sovereign Identity: Decentralized digital identity and verifiable credentials, you’ll learn how SSI empowers us to receive digitally-signed credentials, store them in private wallets, and securely prove our online identities. It combines a clear, jargon-free introduction to this blockchain-inspired paradigm shift with interesting essays written by its leading practitioners. Whether for property transfer, ebanking, frictionless travel, or personalized services, the SSI model for digital trust will reshape our collective future.
What's Inside
- The architecture of SSI software and services
- The technical, legal, and governance concepts behind SSI
- How SSI affects global business industry-by-industry
- Emerging standards for SSI
About the Reader
For technology and business readers. No prior SSI, cryptography, or blockchain experience required.
About the Authors
Drummond Reed is the Chief Trust Officer at Evernym, a technology leader in SSI. Alex Preukschat is the co-founder of SSIMeetup.org and AlianzaBlockchain.org.
Quotes
This book is a comprehensive roadmap to the most crucial fix for today’s broken Internet.
- Brian Behlendorf, GM for Blockchain, Healthcare and Identity at the Linux Foundation
If trusted relationships over the Internet are important to you or your business, this book is for you.
- John Jordan, Executive Director, Trust over IP Foundation
Decentralized identity represents not only a wide range of trust-enabling technologies, but also a paradigm shift in our increasingly digital-first world.
- Rouven Heck, Executive Director, Decentralized Identity Foundation
Publisher resources
Table of contents
- Self-Sovereign Identity
- Copyright
- dedication
- contents
- front matter
- Part 1 An introduction to SSI
- 1 Why the internet is missing an identity layer—and why SSI can finally provide one
- 2 The basic building blocks of SSI
-
3 Example scenarios showing how SSI works
- 3.1 A simple notation for SSI scenario diagrams
- 3.2 Scenario 1: Bob meets Alice at a conference
- 3.3 Scenario 2: Bob meets Alice through her online blog
- 3.4 Scenario 3: Bob logs in to Alice’s blog to leave a comment
- 3.5 Scenario 4: Bob meets Alice through an online dating site
- 3.6 Scenario 5: Alice applies for a new bank account
- 3.7 Scenario 6: Alice buys a car
- 3.8 Scenario 7: Alice sells the car to Bob
- 3.9 Scenario summary
- Reference
- 4 SSI Scorecard: Major features and benefits of SSI
- Part 2 SSI technology
-
5 SSI architecture: The big picture
- 5.1 The SSI stack
- 5.2 Layer 1: Identifiers and public keys
-
5.3 Layer 2: Secure communication and interfaces
- 5.3.1 Protocol design options
- 5.3.2 Web-based protocol design using TLS
- 5.3.3 Message-based protocol design using DIDComm
- 5.3.4 Interface design options
- 5.3.5 API-oriented interface design using wallet Dapps
- 5.3.6 Data-oriented interface design using identity hubs (encrypted data vaults)
- 5.3.7 Message-oriented interface design using agents
- 5.4 Layer 3: Credentials
- 5.5 Layer 4: Governance frameworks
- 5.6 Potential for convergence
- References
- 6 Basic cryptography techniques for SSI
-
7 Verifiable credentials
- 7.1 Example uses of VCs
- 7.2 The VC ecosystem
- 7.3 The VC trust model
- 7.4 W3C and the VC standardization process
- 7.5 Syntactic representations
- 7.6 Basic VC properties
- 7.7 Verifiable presentations
- 7.8 More advanced VC properties
- 7.9 Extensibility and schemas
- 7.10 Zero-knowledge proofs
- 7.11 Protocols and deployments
- 7.12 Security and privacy evaluation
- 7.13 Hurdles to adoption
- References
- 8 Decentralized identifiers
-
9 Digital wallets and digital agents
- 9.1 What is a digital wallet, and what does it typically contain?
- 9.2 What is a digital agent, and how does it typically work with a digital wallet?
- 9.3 An example scenario
- 9.4 Design principles for SSI digital wallets and agents
- 9.5 Basic anatomy of an SSI digital wallet and agent
- 9.6 Standard features of end-user digital wallets and agents
- 9.7 Backup and recovery
- 9.8 Advanced features of wallets and agents
- 9.9 Enterprise wallets
- 9.10 Guardianship and delegation
- 9.11 Certification and accreditation
- 9.12 The Wallet Wars: The evolving digital wallet/agent marketplace
- Reference
-
10 Decentralized key management
- 10.1 Why any form of digital key management is hard
- 10.2 Standards and best practices for conventional key management
- 10.3 The starting point for key management architecture: Roots of trust
- 10.4 The special challenges of decentralized key management
- 10.5 The new tools that VCs, DIDs, and SSI bring to decentralized key management
- 10.6 Key management with ledger-based DID methods (algorithmic roots of trust)
- 10.7 Key management with peer-based DID methods (self-certifying roots of trust)
-
10.8 Fully autonomous decentralized key management with Key Event Receipt Infrastructure (KERI)
- 10.8.1 Self-certifying identifiers as a root of trust
- 10.8.2 Self-certifying key event logs
- 10.8.3 Witnesses for key event logs
- 10.8.4 Pre-rotation as simple, safe, scalable protection against key compromise
- 10.8.5 System-independent validation (ambient verifiability)
- 10.8.6 Delegated self-certifying identifiers for enterprise-class key management
- 10.8.7 Compatibility with the GDPR “right to be forgotten”
- 10.8.8 KERI standardization and the KERI DID method
- 10.8.9 A trust-spanning layer for the internet
- 10.9 Key takeaways
- References
-
11 SSI governance frameworks
- 11.1 Governance frameworks and trust frameworks: Some background
- 11.2 The governance trust triangle
- 11.3 The Trust over IP governance stack
- 11.4 The role of the governance authority
- 11.5 What specific problems can governance frameworks solve?
- 11.6 What are the typical elements of a governance framework?
- 11.7 Digital guardianship
- 11.8 Legal enforcement
- 11.9 Examples
- References
- Part 3 Decentralization as a model for life
- 12 How open source software helps you control your self-sovereign identity
- 13 Cypherpunks: The origin of decentralization
- 14 Decentralized identity for a peaceful society
- 15 Belief systems as drivers for technology choices in decentralization
-
16 The origins of the SSI community
- 16.1 The birth of the internet
- 16.2 Losing control over our personal information
- 16.3 Pretty Good Privacy
- 16.4 International Planetwork Conference
- 16.5 Augmented Social Network and Identity Commons
- 16.6 The Laws of Identity
- 16.7 Internet Identity Workshop
- 16.8 Increasing support of user control
- 16.9 Rebooting the Web of Trust
- 16.10 Agenda for Sustainable Development and ID2020
- 16.11 Early state interest
- 16.12 MyData and Learning Machine
- 16.13 Verifiable Claims Working Group, Decentralized Identity Foundation, and Hyperledger Indy
- 16.14 Increasing state support for SSI
- 16.15 Ethereum identity
- 16.16 World Economic Forum reports
- 16.17 First production government demo of an SSI-supporting ledger
- 16.18 SSI Meetup
- 16.19 Official W3C standards
- 16.20 Only the beginning
- References
- 17 Identity is money
- Part 4 How SSI will change your business
- 18 Explaining the value of SSI to business
- 19 The Internet of Things opportunity
- 20 Animal care and guardianship just became crystal clear
- 21 Open democracy, voting, and SSI
-
22 Healthcare supply chain powered by SSI
- 22.1 Emma’s story
- 22.2 Supply chain transparency and efficiency through SSI
- 22.3 Industry ecosystem efficiency powered by SSI
- 22.4 Future supply chain transformation across industries: The big picture
- 22.5 Eliminating waste
- 22.6 Authentication and quality
- 22.7 SSI Scorecard for the pharma supply chain
- References
-
23 Canada: Enabling self-sovereign identity
- 23.1 The Canadian context
- 23.2 The Canadian approach and policy framework
- 23.3 The Pan-Canadian Trust Framework
- 23.4 The normative core
- 23.5 Mutual recognition
- 23.6 Digital ecosystem roles
- 23.7 Supporting infrastructure
- 23.8 Mapping the SSI stack to the PCTF model
- 23.9 Using the Verifiable Credentials Model
- 23.10 Enabling Self-Sovereign Identity
- 23.11 SSI Scorecard for the Pan-Canadian Trust Framework
- 24 From eIDAS to SSI in the European Union
-
appendix A Additional Livebook chapters
- Chapter 25: SSI, payments, and financial services
- Chapter 26: Solving organizational identity with vLEIs
- Chapter 27: SSI and healthcare
- Chapter 28: Enterprise identity and access management realized with SSI
- Chapter 29: Insurance reinvented with SSI
- Chapter 30: Enabling SSI in humanitarian contexts
- Chapter 31: Guardianship and other forms of Delegated Authority with Self-Sovereign Identity
- Chapter 32: Design principles for SSI
- Chapter 33: SSI: Our dystopian nightmare
- Chapter 34: Trust assurance in SSI ecosystems
- Chapter 35: The evolution of gaming with SSI
-
appendix B Landmark essays on SSI
- “The Domains of Identity”
- “New Hope for Digital Identity”
- “The Architecture of Identity Systems”
- “Three Dimensions of Identity”
- “Meta-Platforms and Cooperative Network-of-Network Effects”
- “Verifiable Credentials Aren’t Credentials. They’re Containers.”
- “The Seven Deadly Sins of Customer Relationships”
-
appendix C The path to self-sovereign identity
- You can’t spell “identity” without an “I”
-
The evolution of identity
- Phase one: Centralized identity (administrative control by a single authority or hierarchy)
- Phase two: Federated identity (administrative control by multiple, federated authorities)
- Phase three: User-centric identity (individual or administrative control across multiple authorities without requiring a federation)
- Phase four: Self-sovereign identity (individual control across any number of authorities)
- A definition of self-sovereign identity
- Ten principles of self-sovereign identity
- Conclusion
- appendix D Identity in the Ethereum blockchain ecosystem
- appendix E The principles of SSI
- index
- contributing authors
Product information
- Title: Self-Sovereign Identity
- Author(s):
- Release date: July 2021
- Publisher(s): Manning Publications
- ISBN: 9781617296598
You might also like
book
Learning Digital Identity
Why is it difficult for so many companies to get digital identity right? If you're still …
audiobook
The Manager's Path
Managing people is difficult wherever you work. But in the tech industry, where management is also …
audiobook
Crucial Conversations
The book that revolutionized business communications has been updated for today's workplace. Crucial Conversations provides powerful …
audiobook
Leading Effective Engineering Teams
In this insightful and comprehensive guide, Addy Osmani shares more than a decade of experience working …