Look Inside
FREE
You can see any available part of this book for free.Click the table of contents to start reading.
In a world of changing privacy regulations, identity theft, and online anonymity, identity is a precious and complex concept. Self-Sovereign Identity (SSI) is a set of technologies that move control of digital identity from third party “identity providers” directly to individuals, and it promises to be one of the most important trends for the coming decades. Now in Self-Sovereign Identity, privacy and personal data experts Drummond Reed and Alex Preukschat lay out a roadmap for a future of personal sovereignty powered by the Blockchain and cryptography. Cutting through the technical jargon with dozens of practical use cases from experts across all major industries, it presents a clear and compelling argument for why SSI is a paradigm shift, and shows how you can be ready to be prepared for it.This is a very important book—it looks at the problems of digital identity just when we need to desperately solve them.
About the Technology
What is our identity? It is everything we do in our daily life, but with the identity data records siloed in banks, big corporations, and governments. Currently, we rely on these third-party records to prove who we are and what we own—but we do not control them.
Self-Sovereign Identity changes everything.
Imagine selling a house, applying for a driver’s license, or checking an applicant’s credentials without evaluating a portfolio of papers gathered from various centralized institutions. Powered by secure Blockchain registries and cryptography, Self-Sovereign Identity is empowering people across the globe to take back control of their own data using digital credentials controlled by the users themselves. It eliminates the need for organizations to manage customer data directly, reducing costs, and massively increasing security. SSI is creating new, richer, and more trusted relationships online, and promises to be just as important as the emergence of the Internet.
About the book
Self-Sovereign Identity gives you a radical new perspective on how we represent ourselves in the world. This case study-driven book cuts through the jargon and hype to expose the amazing potential SSI offers for for security, privacy, identity, and even uprooting the way the global economy works. SSI experts Drummond Reed and Alex Preukschat present a vision of the future, examining how SSI protocols will impact industries from banking through to government. You’ll get a clear mental model for how SSI works as you tour SSI-enabled eCommerce and eHealth applications and their advantages over current technologies. While you learn the philosophical and sociological concepts that underpin SSI, you’ll reach the book’s lightbulb moment: what this radical technology really means for the shape of our lives, our businesses, and our futures.
Table of Contents takes you straight to the bookdetailed table of contents
Part 1 An Introduction to SSI
1 Why the Internet is missing an identity layer—and why SSI can finally provide one
1.1 Internet Identity Workshop
1.2 How bad has the problem become?
1.3 The breakthrough: blockchain
1.4 The three models of digital identity
1.4.1 The centralized identity model
1.4.2 The federated identity model
1.4.3 The decentralized identity model
1.5 Why "`self-sovereign”?
1.6 Why is SSI so important?
1.7 Market drivers for SSI
1.7.1 Ecommerce
1.7.2 Banking and finance
1.7.3 Healthcare
1.7.4 Travel
1.8 Major challenges to SSI adoption
1.9 Exploring SSI with this book
2 The basic building blocks of SSI
2.1 Verifiable credentials
2.2 Issuers, holders, and verifiers
2.3 Digital wallets
2.4 Digital agents and hubs
2.5 Decentralized Identifiers (DIDs)
2.6 Blockchains
2.7 Governance frameworks
3 Example scenarios of how SSI works
3.1 A simple notation for SSI scenario diagrams
3.2 Scenario #1: Bob meets Alice at a conference
3.3 Scenario #2: Bob meets Alice through her online blog
3.4 Scenario #3: Bob logs into Alice’s blog to leave a comment
3.5 Scenario #4: Bob meets Alice through an online dating site
3.6 Scenario #5: Alice applies for a new bank account
3.7 Scenario #6: Alice buys a car
3.8 Scenario #7: Alice sells the car to Bob
3.9 Summary
4 SSI Scorecard: Major features and benefits of SSI
4.1 Feature/benefit category #1: bottom line
4.1.1 Fraud reduction
4.1.2 Reduced customer onboarding costs
4.1.3 Improved ecommerce sales
4.1.4 Reduced customer service costs
4.1.5 New credential issuer revenue
4.2 Feature/benefit category #2: business efficiencies
4.2.1 Auto-authentication
4.2.2 Auto-authorization
4.2.3 Workflow automation
4.2.4 Delegation and guardianship
4.2.5 Payment and value exchange
4.3 Feature/benefit category #3: user experience & convenience
4.3.1 Auto-authentication
4.3.2 Auto-authorization
4.3.3 Workflow automation
4.3.4 Delegation and guardianship
4.3.5 Payment and value exchange
4.4 Feature/benefit category #4: relationship management
4.4.1 Mutual authentication
4.4.2 Permanent connections
4.4.3 Premium private channels
4.4.4 Reputation management
4.4.5 Loyalty and rewards programs
4.5 Feature/benefit category #5: Regulatory compliance
4.5.1 Data security
4.5.2 Data privacy
4.5.3 Data protection
4.5.4 Data portability
4.5.5 RegTech (Regulation Technology)
4.6 Using the SSI Scorecard in Part Four
Part 2 SSI Technology
5 SSI architecture: the big picture
5.1 The SSI stack
5.2 Layer 1: Identifiers and public keys
5.2.1 Blockchains as DID registries
5.2.2 Adapting general purpose public blockchains to SSI
5.2.3 Special-purpose blockchains designed for SSI
5.2.4 Conventional databases as DID registries
5.2.5 Peer-to-peer protocols as DID registries
5.3 Layer 2: Secure communication and interfaces
5.3.1 Web-based protocol design using TLS
5.3.2 Message-based protocol design using DIDComm
5.3.3 Interface design options
5.3.4 API-oriented interface design using wallet dapps
5.3.5 Data-oriented interface design using hubs
5.3.6 Message-oriented interface design using agents
5.4 Layer 3: Credentials
5.4.1 JSON Web Token format
5.4.2 Blockcerts format
5.4.3 W3C verifiable credential formats
5.4.4 Credential exchange protocols
5.5 Layer 4: Governance frameworks
5.6 Summary
6 Basic cryptography techniques for SSI
6.1 Basic cryptographic building blocks
6.2 Hash Functions
6.2.1 What is a hash?
6.2.2 Types of hash functions
6.2.3 Hash function usage in SSI
6.3 Encryption
6.3.1 What is encryption?
6.3.2 Symmetric-key cryptography
6.3.3 Asymmetric-key cryptography
6.4 Digital signatures
6.5 Verifiable data structures
6.5.1 Merkle Trees
6.5.2 Building a Merkle tree
6.5.3 Searching a Merkle tree
6.5.4 Patricia Tries
6.5.5 Merkle-Patricia Trie - a hybrid approach
6.6 Proofs
6.6.1 Zero-Knowledge Proofs
6.6.2 ZKP applications for SSI
6.6.3 Proofs and SSI
6.7 Conclusion
7 Verifiable credentials
7.1 Example Usages of VCs
7.1.1 Opening a bank account
7.1.2 Receiving a free local access pass
7.1.3 Using an electronic prescription
7.2 The VC ecosystem
7.3 The VC trust model
7.3.1 Federated identity management vs. VCs
7.3.2 Specific trust relationships in the VC trust model
7.3.3 Bottom-up trust
7.4 W3C and the VC standardization process
7.5 Syntactic Representations
7.5.1 JSON
7.5.2 Beyond JSON - adding standardized properties
7.5.3 JSON-LD
7.5.4 JWT
7.6 Basic VC Properties
7.7 Verifiable presentations
7.8 More Advanced VC Properties
7.8.1 Refresh Service
7.8.2 Disputes
7.8.3 Terms of Use
7.8.4 Evidence
7.8.5 When the holder is not the subject
7.9 Extensibility and Schemas
7.10 Zero-knowledge proofs
7.11 Protocols and deployments
7.12 Security and Privacy Evaluation
7.13 Hurdles to adoption
7.14 Summary
8 Decentralized identifiers
8.1 The superficial level: what is a DID?
8.1.1 URIs
8.1.2 URLs
8.1.3 URNs
8.1.4 DIDs
8.2 The functional level: how DIDs work
8.2.1 DID documents
8.2.2 DID methods
8.2.3 DID resolution
8.2.4 DID URLs
8.2.5 Comparison with the Domain Name System (DNS)
8.2.6 Comparison with Uniform Resource Names (URNs) and other Persistent Identifiers
8.2.7 Types of DIDs
8.3 The architectural level: why DIDs work
8.3.1 The core problem of Public Key Infrastructure (PKI)
8.3.2 Solution #1: The conventional PKI model
8.3.3 Solution #2: The web-of-trust model
8.3.4 Solution #3: Self-certifying identifiers
8.3.5 Solution #4: DIDs
8.4 Four benefits of DIDs that go beyond PKI
8.4.1 Beyond PKI benefit #1: Guardianship and controllership
8.4.2 Beyond PKI benefit #2: Service endpoint discovery
8.4.3 Beyond PKI benefit #3: DID-to-DID connections
8.4.4 Beyond PKI benefit #4: Privacy by Design
8.5 The Semantic Level: What DIDs Mean
8.5.1 The meaning of an address
8.5.2 DID networks and trust networks
8.5.3 Why isn’t a DID human-meaningful?
8.5.4 What does a DID actually identify?
9 Digital wallets and digital agents
9.1 What is a digital wallet—and what does it typically contain?
9.2 What is a digital agent—and how does it typically work with a digital wallet?
9.3 An example scenario
9.4 Design principles for SSI digital wallets and agents
9.4.1 Portable and Open-By-Default
9.4.2 Consent-Driven
9.4.3 Privacy-by-Design
9.4.4 Security-by-Design
9.5 Basic anatomy of an SSI digital wallet and agent
9.6 Standard features of end-user digital wallets and agents
9.6.1 Notification and user experience
9.6.2 Connecting—establishing new digital trust relationships
9.6.3 Receiving, offering, and presenting digital credentials
9.6.4 Revoking and expiring digital credentials
9.6.5 Authenticating—”logging you in”
9.6.6 Applying digital signatures
9.7 Backup and recovery
9.7.1 Automatic encrypted backup
9.7.2 Offline recovery
9.7.3 Social recovery
9.7.4 Multi-device recovery
9.8 Advanced features of wallets and agents
9.8.1 Multiple device support and wallet synchronization
9.8.2 Offline operations
9.8.3 Verifying the verifier
9.8.4 Compliance and monitoring
9.8.5 Secure data storage (“vault “) support
9.8.6 Schemas and overlays
9.8.7 Emergencies
9.8.8 Insurance
9.9 Enterprise Wallets
9.9.1 Delegation (rights, roles, permissions)
9.9.2 Scale
9.9.3 Specialized wallets and agents
9.9.4 Credential revocation
9.9.5 Special security considerations
9.10 Guardianship and Delegation
9.10.1 Guardian wallets
9.10.2 Guardian delegates and guardian credentials
9.11 Certification & Accreditation
9.12 The Wallet Wars: the evolving digital wallet/agent marketplace
9.12.1 Who
9.12.2 What
9.12.3 How
9.13 Summary
10 Decentralized key management
11 SSI governance frameworks
11.1 Governance frameworks and trust frameworks: some background
11.2 The governance trust triangle
11.3 The Trust over IP governance stack
11.3.1 Layer 1: Utility governance frameworks
11.3.2 Layer 2: Provider governance frameworks
11.3.3 Layer 3: Credential governance frameworks
11.3.4 Layer 4: Ecosystem governance frameworks
11.4 The role of the governance authority
11.5 What specific problems can governance frameworks solve?
11.5.1 Discovery of authoritative issuers and verified members
11.5.2 Anti-coercion
11.5.3 Certification, accreditation, and trust assurance
11.5.4 Levels of assurance (LOA)
11.5.5 Business rules
11.5.6 Liability and insurance
11.6 What are the typical elements of a governance framework?
11.6.1 Master Document
11.6.2 Glossary
11.6.3 Legal agreements
11.6.4 Governance Rules
11.6.5 Business rules
11.6.6 Policy modules
11.6.7 Trust assurance framework
11.7 Digital guardianship
11.8 Legal enforcement
11.9 Examples
11.10 Summary
Part 3 Decentralization as a model for life
12 How open source software helps you control your self-sovereign identity
12.1 The origin of free software
12.2 Wooing businesses with open source
12.3 How open source works in practice
12.4 Open source and digital identities
13 Cypherpunks: the origin of decentralization
14 Decentralized identity for a peaceful society
14.1 Technology and Society
14.2 A Global Civil Society
14.3 Identity as a Source of Conflict
14.4 Identity as a Source of Peace
15 Centralization vs decentralization believers
16 The origins of Self-Sovereign Identity
16.1 The birth of the internet
16.2 Losing control over our personal information
16.3 Pretty good privacy
16.4 International Planetwork Conference
16.5 Augmented Social Network and Identity Commons
16.6 The Laws of Identity
16.7 Internet Identity Workshop
16.8 Increasing support of user control
16.9 Rebooting the Web of Trust
16.10 Agenda for Sustainable Development and ID2020
16.11 Early state interest
16.12 MyData and Learning Machine
16.13 Verifiable Claims Working Group, Decentralized Identity Foundation, and Hyperledger Indy
16.13.1 Increasing state support for SSI
16.14 Ethereum identity
16.15 World Economic Forum Reports
16.16 First production government demo of SSI-supporting ledger
16.17 SSI Meetup
16.18 Official W3C Standards
16.19 Only the beginning
17 Identity is money
Part 4 How SSI Will Change Your Business
18 Explaining SSI value to business
18.1 How might we best explain SSI to people and organisations?
18.1.1 Failed Experiment #1: Leading with the technology
18.1.2 Failed Experiment #2: Leading with the philosophy
18.1.3 Failed experiment #3: Explaining by demonstrating the tech
18.1.4 Failed Experiment #4: Explaining the (world’s) problems
18.1.5 Learning from other domains
18.2 So how should we best explain the value of SSI?
18.3 The Power of Stories
18.4 Jackie’s SSI story
18.4.1 Part 1: The current physical world
18.4.2 Part 2: The SSI world—like the current physical world, but better
18.4.3 Part 3: Introducing the Sparkly Ball—or what’s wrong with many current digital identity models
18.5 SSI Scorecard for apartment leasing
19 The Internet of Things Opportunity
19.1 IoT - connecting everything safely
19.2 How does SSI Help IoT?
19.3 The Business Perspective for SSI and IoT
19.4 An SSI-based IoT architecture
19.5 Tragic story: Bob’s car hacked
19.6 The Austrian Power Grid
19.7 Summary
19.8 SSI Scorecard for IoT
20 Animal care, adoption, and accountability just became crystal clear
21 Open democracy, voting & SSI
21.1 The problems with postal voting
21.2 The problems with e-voting
21.3 Estonia: a case study
21.4 The three pillars of voting
21.5 The Advantages of SSI
21.6 Summary
22 Supply-chain management powered by SSI in Pharma
23 Canada: Enabling Self-Sovereign Identity
23.1 The Canadian context
23.2 The Canadian approach and policy framework
23.3 The Pan-Canadian Trust Framework
23.3.1 The Normative Core
23.3.2 Mutual Recognition
23.3.3 Digital Ecosystem Roles
23.3.4 Supporting Infrastructure
23.4 Mapping the SSI Stack to the PCTF Model
23.5 Using the Verifiable Credentials Model
23.6 Enabling Self-Sovereign Identity
23.7 SSI Scorecard for the Pan-Canadian Trust Framework
24 From eIDAS to SSI in the European Union
Appendixes
Appendix A: The Path to Self-Sovereign Identity
Appendix B: Design Principles for Self-Sovereign Identity
Appendix C: The Three Dimensions of SSI
Appendix D: Principles of an Identity Metasystem
Appendix E: Public Identities in the Ethereum Ecosystem
Appendix F: Meta-Platforms and Cooperative Network-of-Network Effects
What's inside
- How SSI will affect your industry
- The essential technical and legal concepts of SSI
- The architecture of SSI software
- Emerging standards for SSI
About the reader
Readers of this book need no special technical knowledge, only an openness to new ideas.About the authors
Drummond Reed has spent over two decades in Internet identity, security, privacy, and trust frameworks. He is the Chief Trust Officer at Evernym, and co-author of the Respect Trust Framework, which was honored with the Privacy Award at the 2011 European Identity Conference. Drummond is a Trustee and Secretary of the Sovrin Foundation, where he serves as chair of the Sovrin Governance Framework Working Group, and has served as co-chair of the OASIS XDI Technical Committee since 2004.
Alex Preukschat is Global Head of Strategic Blockchain Projects with Evernym. Alex has been active in the Bitcoin space since 2013 and leads SSIMeetup.org, a global SSI community to share knowledge in the identity space. He is a co-founder of Blockchain España and Alianza Blockchain Iberoamérica, and author of multiple reports and books about Blockchain and identity.
placing your order...
Don't refresh or navigate away from the page.
Manning Early Access Program (MEAP)
Read chapters as they are written, get the finished eBook as soon as it’s ready, and receive the pBook long before it's in bookstores.
- customers also bought these items
- GraphQL in Action
- Blockchain in Action
- API Security in Action
- Grokking Artificial Intelligence Algorithms
- Spring Security in Action
- customers also bought these items
- API Security in Action
- GraphQL in Action
- Designing Cloud Data Platforms
- The Art of Unit Testing, Third Edition
- Blockchain in Action
Prices displayed in rupees will be charged in USD when you check out.
customers also reading
This book
1-hop
2-hops
3-hops
FREE domestic shipping on three or more pBooks
