Dr. Mawaki Chango Kara University DigiLexis Consulting

Presentation transcript:

FROM STATE ADMINISTRATION TO BLOCKCHAIN? A Policy Perspective on the Fundamentals of Identity
Dr. Mawaki Chango, Kara University, DigiLexis Consulting

Contents
Socio-historical research on identity: research purpose and findings
The making of digital identity
Blockchain and self-sovereign identity
The case of Sovrin Identity Network

SOCIO-HISTORICAL RESEARCH AND FINDINGS Lessons from THE MODERN STATE

Authoritative Identity
Identity subjects have adopted it and use it.
Other parties which were not part of issuing it rely on it.
Becomes a standard referred to by more and more parties.
Becomes an anchor around which an extensive record (of relevance) about the same individual is accumulated.
Followed by off-slide elaboration.

The making of digital identity Tracing the process

1. Centralized Identity
Administrative control by a single authority or hierarchy
1988: IANA began to determine the validity of IP addresses
1998: ICANN began to manage and make policies for domain names
1995: Certificate Authorities started helping Internet commerce sites

Limitations
Users are locked in to a single authority who can deny their identity
Balkanization or silos: juggling between an uncontrollable number of identities on different websites
Digital identities are owned by CAs, domain registrars, and individual sites
They rent them to users and can revoke them at any time

2. Federated Identity
Administrative control by multiple, federated authorities
1999: Microsoft .NET Passport
Federated: allowed users to utilize the same ID on multiple sites
But put Microsoft at the center of it all
2001: Liberty Alliance organized by Sun Microsystems
Reduce balkanization but the power of centralized authority just got divided among several entities

3. User-centric Identity
Administrative control in the hands of the individual or across multiple authorities without requiring federation
Ambition to give every user the capability to build a persistent online identity, and control it.
Making up for the lack of identity layer in the core Internet architecture

User-centric…
2001: Identity Commons
Consolidation of work on digital identity and decentralization
Launch of Internet Identity Workshop in 2005
User-centric identity vs. server-centric model of centralized authorities
Better user experience
Users to have more control over their ID
Trust to be decentralized

Instances of User-centric ID
OpenID (2005)
OpenID 2.0 (2006)
OpenID Connect (2014)
OAuth (2010)
FIDO (2013)
Main characteristics: User consent; Interoperability

Research Findings on Digital ID Ref. Notes on Research Implications

4. Self-sovereign Identity
Bringing in user autonomy
User not only to be at the center but to become the ruler of their digital identity
It’s being increasingly recognized that individuals “have an established right to an ‘identity’.”
Leading to the emergence of ‘personal cloud’ initiatives (e.g., Open Mustard Seed begun in 2012 by Patrick Deegan)

Self-sovereign…
Mathematical policy (e.g., Marlinspike): Cryptography is used to protect user’s autonomy and control
Legal policy (e.g., Sovrin Identity Network): Defining principles and contractual rules that network members agree to follow
In 2015, self-sovereign identity made an entrance in international policy (refugee crisis in Europe)

Main Characteristics
User must be central to the administration of identity
Interoperability across multiple locations and sites
User consent
Portability is required for true user control
Allow ordinary users to make claims

A Few Basic Principles
Prevent human rights abuses by the powerful
Defend against financial and other losses
Support the rights of the individual to be oneself and to freely associate
And there are more…

Blockchain & self-sovereign identity
Will distributed ledger technology save digital identity?

Blockchain
Distributed ledger technology (DLT)
Peer-to-peer exchange of value
Ledgers: form of database that is provided cooperatively by a pool of participants
Distributed
Public
Encrypted
Every 10 min. all transactions verified, cleared and stored in a block linking to the preceding block
Examples of Bitcoin and Ethereum
Permissionless ledgers

Case: Sovrin Identity Network
Sovrin is a software ecosystem for private, secure and powerful identity
“Public permissioned,” open source, distributed ledger technology
Nodes of the Sovrin Identity Network
Analogy with ATM
SIN (or SIDNet) is publicly accessible, but the data is visible only with the consent of its owner

Sovrin Stakeholders
Sovrin Foundation: Oversight
Board of Trustees: Governance of the Foundation
Initiated by trusted institutions and individuals to bootstrap the process
Universities, financial organizations, hospitals, issuers of driving licences, passports, birth certificates, etc.
Technical Governance Board
Legal, technical and operational policies for Sovrin nodes
Nodes exercising stewardship of the ecosystem
Identity Owner

Foundations
Contractual model of governance
Full suite of 3 founding documents
The Provisional Trust Framework (PTF)
The Identity Owner Agreement
The Founding Steward Agreement
The two Agreements are appendices to the PTF
Others: Agency and Developer Agreements

Main PTF Sections
Purpose and Principles
Definitions
Policies: Business, Legal, Technical
Amendments

Purpose
The purpose of the Sovrin Network is to provide a global public utility for decentralized identity that adheres to a number of principles

Principles
Independence and Self-Sovereignty
Guardianship
Diffuse Trust
Web of Trust
System Diversity
Interoperability
Security
Privacy
Portability
Accountability
Transparency
Accessibility, Inclusion, and Non-Discrimination
Collective Best Interest

Business Policies Identity Owners Stewards Guardians Trust Anchors Obligations Stewards Qualifications Invitations Disqualification and Remediation Guardians Obligations Trust Anchors Qualifications Invitations Disqualification and Remediation

Legal Policies
Identity Owners
Stewards
Agencies
Developers
Sovrin Trust Mark
Dispute Resolution

Technical Policies Steward Node Requirements Steward Security Monitoring & Reporting Sovrin Ledger Write Permissions Sovrin Ledger Transaction Limitations Agencies Developers

Concluding Remarks
Why would stakeholders rely on self-sovereign identity to identify their counterparts, or rather to conduct identity-based transactions with users?

THANK YOU! Dr. Mawaki Chango Kara University, Togo DigiLexis Consulting @ki_chango