Self-sovereign identity: a primer and call for research in information systems

In this research-in-progress paper, we encourage information systems (IS) researchers to consider the self-sovereign identity (SSI) approach to identity management. We highlight several issues with current data practices, then provide an overview of SSI by discussing the technology and actors involved. Finally, we call for more IS research on SSI to ultimately increase its adoption

Enterprise Business Models Leveraging Self-Sovereign Identity: Towards a User-Empowering Me2X Economy

The Self-Sovereign Identity (SSI) paradigm aims to transition online identity silos exhibiting privacy issues to user-controlled sharing mechanisms. While various governments back and promote its development, business models often play a subordinate role in these efforts. Building on academic literature and practical projects, our study addresses this and contributes a taxonomy of business enabled by SSI with 12 dimensions, 9 sub-dimensions, and 51 characteristics

Enabling farming data traceability in Mexico

CGIAR Research Initiative on Digital Innovation collaborated with CIMMYT and Bluenumber to deploy a pilot project in Mexico to evaluate a scalable data traceability approach that can incentivize farmers' sharing data and sustainable production using open data sharing protocol with the self-sovereign identity (SSI) technology. This progress report from Bluenumber provides an overview of the project activities in 2022

Identifying and tracking physical objects with hyperledger decentralized applications

El paso del tiempo ha dejado clara la tendencia a la descentralización. Las Distributed Ledger Technologies, como el Blockchain han aportado un abanico completo de nuevas posibilidades para mejorar, en este caso, la gestión de la confianza y la identidad en Internet, como lo hace la Self Sovereign Identity (SSI) . Esta tesis ha analizado el impacto del Blockchain para IoT con el proyecto Linux Foundation llamado Hyperledger, concretamente, con su solución Identity Stack. Aunque es un proyecto realmente sin madurar, tiene algunas herramientas útiles para empezar a entender y probar las capacidades de esta tecnología. Para aclarar las cosas, el proyecto consiste en una simulación de escenario práctico de comunicación y de envío credenciales verificadas entre una Raspberry Pi con un sensor RFID, que realizará el seguimiento del estado de entrega de un objeto, y una aplicación gráfica Java. Todo a través del Hyperledger SSI Stack, formado por una instancia pública de Indy Ledger y agentes Aries.El pas del temps ha deixat clara la tendència a la descentralització. Les Distributed Ledger Technologies, com el Blockchain han aportat un ventall complet de noves possibilitats per millorar, en aquest cas, la gestió de la confiança i la identitat a Internet, com ho fa la Self Sovereign Identity (SSI). Aquesta tesi ha analitzat l'impacte del Blockchain per a IoT amb el projecte Linux Foundation anomenat Hyperledger, concretament, amb la seva solució Identity Stack. Tot i que és un projecte realment sense madurar, té algunes eines útils per començar a entendre i provar les capacitats d'aquesta tecnologia. Per aclarir les coses, el projecte consisteix en una simulació d'escenari pràctic de communicació i d'enviament credencials verificades entre una Raspberry Pi amb un sensor RFID, que farà el seguiment de l'estat de lliurament d'un objecte, i una aplicació gràfica Java. Tot a través de l'Hyperledger SSI Stack, format per una instància pública d'Indy Ledger i agents Aries.The passing of time has made clear the trend of decentralization. Distributed ledger technologies like Blockchain have brought a full range of new possibilities to improve, in this case, trust and identity management on the internet as Self Sovereign Identity (SSI) does. This thesis has analyzed the Blockchain impact for IoT with the Linux Foundation Project called Hyperledger, concretely, with its Identity Stack solution. Even though it is a really unmatured project, it has some useful tools to start understanding and testing the capabilities of this technology. To make things clear, the project consists in a practical scenario simulation of communication and verified credentials sending between a Raspberry Pi with an RFID sensor, which will be tracking an object's state of delivery, and a graphical Java Application. Everything through the Hyperledger SSI Stack, formed by a public Indy network instance and Aries agents

A conceptual decentralized identity solution for state government

In recent years, state governments, exemplified by Mississippi, have significantly expanded their online service offerings to reduce costs and improve efficiency. However, this shift has led to challenges in managing digital identities effectively, with multiple fragmented solutions in use. This paper proposes a Self-Sovereign Identity (SSI) framework based on distributed ledger technology. SSI grants individuals control over their digital identities, enhancing privacy and security without relying on a centralized authority. The contributions of this research include increased efficiency, improved privacy and security, enhanced user satisfaction, and reduced costs in state government digital identity management. The paper provides background on digital identity management in the public sector, discusses existing practices, presents the SSI framework as a solution, and outlines potential future research areas

The Social Construction of Self-Sovereign Identity: An Extended Model of Interpretive Flexibility

User-centric identity management systems are gaining momentum as concerns about Big Tech and Big Government rise. Many of these systems are framed as offering Self-Sovereign Identity (SSI). Yet, competing appropriation and the social embedding of SSI have resulted in diverging interpretations. These vague and value-laden interpretations can damage the public discourse and risk misrepresenting values and affordances that technology offers to users. To unpack the various social and technical understandings of SSI, we adopt an ‘interpretive flexibility’ lens. Based on a qualitative inductive interview study, we find that SSI’s interpretation is strongly mediated by surrounding institutional properties. Our study helps to better navigate these different perceptions and highlights the need for a multidimensional framework that can improve the understanding of complex socio-technical systems for digital government practitioners, researchers, and policy-makers

Self-Sovereign Identity Ecosystems: Benefits and Challenges

Verifiable credentials, coupled with decentralized ledger technologies, have been potential providers of trustworthy digital identity for individuals, organizations, and other entities, and thus, potential enablers of trustful digital interactions. The rapid development of this technology—called self-sovereign identity (SSI)—and the ecosystems built around it have been fostered even more by the societal needs stemming from the current pandemic crisis, when governments, non-profit organizations, businesses, and individuals are working together on different aspects of SSI to enable mainstream adoption. In this study, we build on rich qualitative data gathered from SSI practitioners to give a fresh overview of the perceived benefits and challenges of SSI. The paper advances research on the domain of SSI adoption and provides valuable insights into the feasibility of SSI for practitioners both in the private and public sectors

Ersetzen künftig «Verifiable Credentials» X.509-Zertifikate?

X.509-Zertifikate gibt es schon seit über 40 Jahren. Sie werden für die Identifikation von Subjekten (Web-Servern, Personen, usw.) verwendet. Sie gelten als vertrauenswürdige und erprobte Berechtigungsnachweise und wir verlassen uns tagtäglich auf sie. Warum also mit Verifiable Credentials (VC) eine neue, in der breiten Öffentlichkeit unbekannte Technologie einführen? Um eine Public Key Infrastruktur (PKI) Lösung (welche auf X.509-Zertifikaten beruht) mit einer Self-Sovereign Identity (SSI) Lösung vergleichen zu können, muss zuerst der Unterschied und die Eigenschaften ihrer Berechtigungsnachweise beleuchtet werden

Identità digitale e servizi web decentralizzati: interoperabilità e single sign-on

Questo documento descrive il lavoro che ho svolto durante il periodo di internship, presso l’azienda Athesys srl. L’internship è durato 300 ore circa, dal 13 Marzo 2023 al 26 Maggio 2023 e sono stati approfonditi temi riguardanti l’innovazione e la ricerca applicata in ambito di identità decentralizzata e di Self-Sovereign Identity (SSI). Attualmente, la privacy delle informazioni relative le identità digitali non è completamente tutelata: spesso, è necessaria una figura intermedia che li memorizza e li gestisce. In questo modo, l’utilizzo delle informazioni da parte dell’utente proprietario dell’identità è sempre condizionato dalla figura intermedia. Nasce quindi la necessità di una nuova gestione delle informazioni personali, che restituisca all’utente il controllo della propria identità digitale. Self-Sovereign Identity (SSI) è un recente modello ideato per rimuovere la figura intermedia e garantire all’utente la gestione completa dei propri dati. La soluzione si colloca in ambito Identity and Access Management (IAM) e può essere abbinata alle diverse tipologie di login, quale Single Sign-On (SSO). La tecnologia è sostenuta dalla fondazione Hyperledger ed utilizza le blockchain. Aries JS è un framework che implementa il nuovo modello ed ho creato un prototipo, affinché Athesys srl possa valutarne l’integrazione con il suo applicativo Monokee SSO. Gli altri obbiettivi da raggiungere durante il tirocinio consistevano in una formazione adeguata in merito all’identità decentralizzata, un approfondimento delle tecnologie (ad esempio: Indicio TestNet, TypeScript, Node.JS ed Express JS), l’analisi, la progettazione e lo sviluppo di un PoC dimostrativo, in forma di API, per la generazione di credenziali.This document describes the work I did during the internship period at the company Athesys srl. The internship lasted approximately 300 hours, from 13 March 2023 to 26 May 2023 and topics concerning innovation and applied research in the field of decentralized identity and Self-Sovereign Identity (SSI) were explored. Currently, the privacy of information relating to digital identities is not fully protected: often, an intermediary figure is needed to store and manage them. In this way, the use of the information by the user who owns the identity is always conditioned by the intermediary figure. The need therefore arises for a new management of personal information, which gives the user control of their digital identity. Self-Sovereign Identity (SSI) is a recent model designed to remove the intermediary figure and guarantee the user complete management of their data. The solution is placed in the Identity and Access Management (IAM) area and can be combined with different types of logins, such as Single Sign-On (SSO). The technology is backed by the Hyperledger foundation and uses blockchains. Aries JS is a framework that implements the new model and I created a prototype so that Athesys srl can evaluate its integration with its Monokee SSO application. The other objectives to be achieved during the internship consisted of adequate training on decentralized identity, an in-depth study of technologies (for example: Indicio TestNet, TypeScript, Node.JS and Express JS), analysis, design and development of a demonstration PoC, in the form of an API, for generating credentials