Self sovereign identity use cases
SpeakerNiels van Dijk
TrackTrack 3
DescriptionUsing Federated Identity Management (FIM), the R&E community has over the years built a secure and trusted infrastructure for authentication and authorization that spans the globe. Recently, a new paradigm has emerged in the identity ecosystem: Self-Sovereign Identity.
Core premise of Self-Sovereign Identity, or SSI, is that the user is directly responsible for, and in control of their own personal data. To enable the flow of information, a user will first collect data from an authoritative source, e.g. an institution. This data is put under user control, in a so-called ‘wallet’. Next, when the user needs access to a service, the service may ask the user to provide proof of ownership of certain credentials, either to establish the user identity, or to determine proper authorization. A data registry, which may be implemented as a distributed ledger, is used by all parties involved to establish the trust in the transactions.
SSI may provide our sector with interesting opportunities, especially in areas like life-long learning and researcher identity. It may also help improve engaging with other sectors, either to provide or consume credentials in a much easier fashion. Leverage SSI to lower the ‘cost’ of establishing trust, especially when engaging with the long tail may be yet another use case. SSI does however also come with various challenges, both technical as well as from an organisational and legal perspective.
After briefly introducing the core concepts of SSI, this talk will present three SSI use cases as these were explored in the GÉANT Trust and Identity Incubator: eduID, Diplomas and micro-credentials and Researcher ID.
The talk will discuss for each of these the opportunities, compare them to existing FIM solutions, discuss the business case, but also list the challenges that exist in making these scenarios become reality.
Core premise of Self-Sovereign Identity, or SSI, is that the user is directly responsible for, and in control of their own personal data. To enable the flow of information, a user will first collect data from an authoritative source, e.g. an institution. This data is put under user control, in a so-called ‘wallet’. Next, when the user needs access to a service, the service may ask the user to provide proof of ownership of certain credentials, either to establish the user identity, or to determine proper authorization. A data registry, which may be implemented as a distributed ledger, is used by all parties involved to establish the trust in the transactions.
SSI may provide our sector with interesting opportunities, especially in areas like life-long learning and researcher identity. It may also help improve engaging with other sectors, either to provide or consume credentials in a much easier fashion. Leverage SSI to lower the ‘cost’ of establishing trust, especially when engaging with the long tail may be yet another use case. SSI does however also come with various challenges, both technical as well as from an organisational and legal perspective.
After briefly introducing the core concepts of SSI, this talk will present three SSI use cases as these were explored in the GÉANT Trust and Identity Incubator: eduID, Diplomas and micro-credentials and Researcher ID.
The talk will discuss for each of these the opportunities, compare them to existing FIM solutions, discuss the business case, but also list the challenges that exist in making these scenarios become reality.
Presentation documents
All talks
- Addressing the Skills Gap in Cybersecurity
- After 10 years of cloudification
- An invitation to Quantum networking
- Assurance!
- Automatic verification of MPLS networks
- Better learning environments for the students by working with standards and integrations?
- Borealis Crossing the North Pole. towards US and Asia
- CNaaS in Norway - lessons learned after three years of operations
- Cables as part of Arctic Ocean Observing System (AOOS)
- Campus Network as a Service in Sunet
- Can We Reach Exascale?
- Can we transition away from passwords?
- Closing Plenary Talk
- Cloud Strategy and Data Migration Efforts at UiT, The Arctic University of Norway
- Creating a national CERT: Adapting to scale
- Cyber Inspiration or Never Waste a Good Crisis
- Cybersecurity Collaboration - Bringing Together Colleges and Universities in Ontario, Canada
- Cybersecurity Risks Challenge Nordic NRENs on Security Governance
- Development of the SMART Repeater Sensor System
- EDSSI European digital student service infrastructure
- Education and TF-EDU
- Fiber Optic Sensing in the Arctic Utilizing DAS (Distributed Acoustic Sensing) Technology
- Fiber optic time transfer from UTC (SP) to a VLBI location utilizing Sunet
- Funet Campus Network as a Service - First implementations
- Get ready for the 800 GE reality
- Goodbye Iceland - Hello Norway
- How to Mitigate a Global Supply Crisis
- ISO 27K certification for the University of Iceland
- InAcademia, some Swedish insights
- Introduction to SeQUeNCe, a Customizable Discrete-Event Simulator of Quantum Networks
- It's all about Communications
- Large Scale Distributed Sensing Infrastructures for Earth Observation
- Machine Learning Foundations for Network Operations
- Microdep and the Zero Outage Vision
- Modernising Funet Network Monitoring
- Moving North: Arctic Development in Times of Geopolitical Changes
- Network technology needs for supporting genomics data managent in Europe
- OCRE - Driving Innovation through the adoption of commercial Cloud and EO services
- Official Welcome to Iceland
- Opening Keynote: How HPC contributes to Victories in Professional Cycling
- Operating the NORDUnet Next Generation Network - Challenges and Where to Next?
- Parallel and Scalable Machine Learning
- QKD and Quantum Communication activities in NRENs
- Quantum Computing
- Quantum Internet Alliance: Towards a pan-European
- Quantum Network Testbed
- SSH certificates for a federated world
- SURF Automation
- SciStream: Architecture and Toolkit for Data Streaming between Federated Science Instrument
- SeamlessAccess: Value for researchers, SP's, iDP's and federations
- Securing Research Infrastructure
- Securing identity services on Linux
- Self sovereign identity use cases
- Short Tips to Using a PMP Service
- Software complexity is bad for security
- Technology challenges in exascale supercomputing
- The Cinia/Far North Digital Cable through the North West Passage
- The ESnet6 Approach to Network Orchestration and Automation
- The GÉANT Community eHealth Task Force wants you !
- The Importance of Preparedness: Keys to Successful Business Continuity Planning
- The NEA3R Collaboration: Expanding Support for Global Science
- The Network Automation eAcademy
- The economic value of submarine cables in the Arctic
- The future Eco-system of our Digital learning and NORDUnet
- The needs of science and society for time and frequency services over optical-fibre networks in Europe
- Threat Intel
- Time and frequency distribution in the GÉANT network
- TimeMap - tool for latency and jitter monitoring
- Welcome from the host
- When you hear hoofbeats think Unicorns not Horses: Unique Service Creation in a Commodity World
- Words from the CEO
- eduMEET - secure, private and affordable Video Conferencing for NRENs
- geteduroam will make eduroam easier for institution admins and end users
- perfSONAR 5.0