Self Sovereign Identity (SSI) in Blockchain & The Future of Internet Identity
Self Sovereign Identity (SSI) is considered as the future of internet identity where Blockchain technology will be used to build the underlying structures of a proper Self Sovereign Identity (SSI) system. So what exactly Self Sovereign Identity (SSI) is? What are the principles of Self Sovereign Identity (SSI)? Why do we need Self Sovereign Identity (SSI)? Why do we have to implement (SSI) with blockchain? The answer of those questions are given below with the characteristics of Self Sovereign Identity (SSI).
Independent Existence with Total Control:
Users must have an independent existence with total control of their identities. With current systems, a user identity depends on identity providers and identity providers have immense control on their user identities. With control on identity providers, they can choose to take away an identifier or they can use identifiers’ information illegally or they can also change a user identity information too.
With Self Sovereign Identity (SSI), a user must have an independent existence with total control on that user hand. Other authorities do not have any power to take away an identifier or to use identifiers’ information illegally.
A user may gain credentials from an issuer and the issuer can only control the credentials that are issued by that issuer where the issuer has no power on a user identity or others credentials that the user has from other issuers. For example an user may have a credential of driving license issued by a proper authority. With Self Sovereign Identity (SSI), the authority can only take away that user’s driving license credential for reckless driving where that authority does not have any other controls on that user’s identity.
Suppose I apply for a job by claiming that I hold a credential of a Bachelor of Science degree from Chittagong University of Engineering & Technology(CUET). There must be proper verification systems in Self Sovereign Identity (SSI) so that I can prove my claim to the hiring company that the credential of a Bachelor of Science degree I give them is issued by Chittagong University of Engineering & Technology(CUET) & the claim was not tampered with any fraudulent activities.
Selective Disclosure of Attributes:
Suppose your overall grade of graduation is not very good because you gave more effort on pure computer science related subjects where in computer science related subjects you have very good grades. A research based company needs employees who have very good knowledge on computer science. So if your university issues you digital transcripts you need a Self Sovereign Identity (SSI) system where you can selectively choose your representation so that you can show them only your computer science related subjects by hiding other details with the help of proper zero knowledge proof technique.
Another use case will be blockchain based online voting system where you can give your vote anonymously by showing the rightful eligible credentials but also by hiding your personal details(like name, SSN number etc).
You need to transact from an online site regularly but you do not want the site to know your personal choices and financial conditions or exactly you want such a system so that the online site will never realize that all those transactions are coming from you. So you need Self Sovereign Identity (SSI) system with advanced privacy features where others are not able to tell that all those transactions come from the same person (unlinkability) without violating the proper authentication systems by taking the advantages of zero knowledge proof technique.
Distributed, Decentralization and Peer to Peer communications :
Most of the systems are centralized in power and so the central authorities can take actions in their favor which is always a security threat for everyone. Moreover the central authority can choose to take away an identifier at any time or can sell our valuable secured information to other organizations without our permissions. That is why we need decentralized systems. Centralized systems are prone to attack and it is very easy to destroy a central system and so we need both distributed and decentralized systems. With peer to peer communication we can easily eliminate untrusted third parties and our communication will be direct with our partner’s peer without any middleman. With peer to peer communication, we can give everyone everyone’s rightful value as the communication is direct with the one who created that value or products or services.
“The Rohingya people have faced decades of systematic discrimination, statelessness and targeted violence in Rakhine State, Myanmar. Such persecution has forced Rohingya women, girls, boys and men into Bangladesh for many years, with significant spikes following violent attacks in 1978, 1991–1992, and again in 2016. Yet it was August 2017 that triggered by far the largest and fastest refugee influx into Bangladesh. Since then, an estimated 745,000 Rohingya — including more than 400,000 children — have fled into Cox’s Bazar.
In Myanmar, entire villages were burned to the ground, families were separated and killed, and women and girls were gang raped. Most of the people who escaped were severely traumatized after witnessing unspeakable atrocities. These people found temporary shelter in refugee camps around Cox’s Bazar, Bangladesh, which is now home to the world’s largest refugee camp.”
The article is taken from United Nations Office for the Coordination of Humanitarian Affairs(UNOCHA).
This situation shows the importance of immutability on digital identities and credentials. For example if our world has immutable records for everyone’s properties and the credibility everyone achieved then those situations will not arise anymore.
The records we keep on the database must need to be immutable with proper cryptography and algorithms like once recorded and it will never be possible to temper those records. We can easily implement immutability by introducing proper blockchain based systems.
Open, Transparent & Cryptographically secured:
Most of the traditional systems are not open sourced and so we do not have any power to examine the underlying technologies. There might be security breaches and the system might be fraudulent and that is why the whole system needs to be open-sourced, well-known, cryptographically secured, and free so that anyone should be able to examine how the system works. In Self Sovereign Identity (SSI), the systems used to administer and operate a network of identities must be open and transparent, both in how they function and in how they are managed and updated.
Portability & Interoperability:
An user needs portability on identities and credentials so that the user can transfer user’s information and services as the user wishes(Portability). With Self Sovereign Identity (SSI), Identities and credentials should be as widely usable as possible(Interoperability) which will help users for cross platforms communication . Nowadays, we can use the same identity in multiple platforms by using identity providers(like same e-mail & password for multiple platforms) but those identity providers have massive control over our identities and information. We need an identity management system so that we can communicate within multiple platforms and individuals have the powers to transfer individuals identity information.
The future of internet identity will be truth, trusted and transparent with the proper implementation of Self Sovereign Identity (SSI) where Blockchain technology will be used to build the underlying structures.