Transition of Digital IDs from Centralized ID to Self-Sovereign Identity (SSI)



In recent years, there has been a lot of attention paid to "Self-Sovereign Identity" as the future of digital identity.

On the other hand, in order to think about the future, we also need to know about history.  What kind of changes have digital IDs undergone in the first place?

In this article, I would like to explain the evolution of digital identity in four forms, referring to the classification of the article by Christopher Allen.

Changes in digital identity, four forms

Digital ID is easy to understand if you think about it in four forms.
  • Centralized Identity
  • Federated Identity.
  • User-Centric Identity
  • Self-Sovereign Identity
From the first centralized ID to the fourth self-sovereignty ID, the authority and subjectivity of the user has increased.

These have not completely migrated in each phase, and centralized ID still exists today, so it is easy to understand if you think of it as a gradation.

In what follows, each identity will be explained.




Centralized Identity: A centralized identity

A centralized identity is an identity that is issued by each individual service, and its management authority is essentially on the service side, which is the issuer rather than the user.

As many of you may have noticed, most of the services are still using this centralized ID.

A general service registration, which involves creating an account by setting up an e-mail or password, can be said to be creating a centralized ID.

This centralized ID is now widely used because it has the advantage of being easy to implement from the operator's point of view.

However, from the user's point of view, there are various disadvantages such as lock-in to the service, separation of identities for each service, and giving management authority to the service side.

The following three ideas of identity have emerged as solutions to these challenges.

Federated Identity.

Federated Identity is an ID that allows the same ID to be used for multiple services by a coalition of multiple companies and organizations to manage the ID.

It is sometimes referred to as Single Sign-On (SSO). In addition, the term "interoperability" is often used to describe the ability to log in to multiple services with a single ID.

Although the user convenience of the federated ID is improved compared to the centralized ID, it is necessary to note that the sovereignty of the ID remains with the company.

Let's look at "Microsoft's Passport" and "Liberty Alliance around Sun Microsystems" as examples.

Passport Passport (Microsoft)

Passport is a common login enabling service released by Microsoft in 1999.

The aim was to improve the convenience of e-commerce sites, which were gradually increasing in number at the time, by centralizing the use of Passport for login.

In the end, however, the identity was centered on the company Microsoft, and users had no control over their own identity.

For example, you have to sign in with Passport to install Windows XP.

Liberty Alliance (Sun Microsystems)

The Liberty Alliance is an organization led by Sun Microsystems (Sun Microsystems) that was founded in response to Passport.

At most, more than 160 leading companies have joined the effort to develop a common identity specification, including HP, Bank of America, VISA, SONY and NTT Group.

The Liberty Alliance included some of the biggest names in the industry.

In addition, the fact that U.S. government agencies also participate in the project suggests the level of attention it receives.

https://www.computerweekly.com/news/2240049819/US-government-agencies-join-Liberty-Alliance


As for the Liberty Alliance, the Japanese tech media has also picked up on the trend.


However, looking at the organization's website, it seems that they were working on various specifications and testing until 2009, but since then they have not been updated and have been inactive.

I am curious as to why this massive effort has been derailed, as I can't find any article that mentions the cause.

User-Centric Identity: User-centric identity

Following the federated ID, the idea of "User-Centric Identity" has emerged, in which users should control their own identity.

For user-centric IDs, user consent and interoperability were emphasized.

ASN (Augmented Social Network), which laid the foundation for user-centered identity, pointed out that it is difficult to construct a user-centered identity in the original sense because Passport and Liberty Alliance are business-driven initiatives and focus on data use on the corporate side, such as user modeling based on personal information.

An organization called The Identity Commons is playing a big role in building a user-centric identity.

The Identity Commons established the Internet Identity Workshop (IIW) in 2005 to promote the development of specifications in user-centered identity.

Specifications such as OpenID, OpenID Connect, OAuth, and FIDO have been discussed and developed around IIW.




Currently, there are various Single Sign-On implementations using OpenID Connect and OAuth, which can be used by various services with the consent of the user.

However, if the OpenID Provider (Google, Yahoo!, etc.), which is the issuer of the ID, disappears, the user's ID itself will also disappear, so there is a problem in terms of permanence.

Facebook Connect is also classified as a user-centric identity, but it is not enough to be used as an online identity because the ultimate ownership belongs to the company, as the Facebook side unilaterally deletes the account over a real name issue.


Self-Sovereign Identity

That's why self-sovereign identity is now attracting attention as an identity in the digital world.

Please see this article for more information.


The point can be expressed in the term User Autonomy.

In other words, compared to conventional identities, a self-sovereign identity does not depend on a specific administrative entity and allows users to create their own identities by themselves.

The legitimacy of the created identity requires the endorsement (Claim, Attestation) by a trusted third party, but the identity itself remains even if one of the third parties disappears. In other words, there is no problem in terms of permanence.

In this way, a digital ID goes from being an ID for temporary use of web services to being a passport to travel through the vast world of the digital world.

This can be said to be identity in its original sense.

Comments

Post a Comment

Popular posts from this blog

Why did Singapore DBS Bank's digital banking transformation succeed?

Image
Have you ever heard of "DBS Bank" in Singapore? DBS Bank is now attracting worldwide attention for being one of the world's best examples of a successful "digital bank". The fact that it was named World's Best Digital bank by Euromoney, a financial information magazine, twice in 2016 and 2018, is proof of its ability. In this article, I will draw on the content of the book "The Birth of Amazon Bank: The Next Generation Financial Scenario in 2025" to address the question of why DBS Bank's digital banking has been so successful. What is DBS Bank in Singapore? Let's start by explaining what kind of bank DBS Bank is. DBS Bank was established in 1968 as "The Development Bank of Singapore", shortly after its independence from the United Kingdom in 1963 and Malaysia in 1965. In 2003, the bank changed its name to DBS Bank, which comes from the initials of its original name. DBS Bank, which started in Singapore, now has more
Read more

Is New Retail the final form of retail? The Past and Future of New Retail

Image
Liu Jun, author of The New Retail Revolution: What's New Retail from China? , gave a special lecture at Futago Tamagawa Tsutaya yesterday The content of the talk was basically based on the content of the book, but in Q&A;A, "Is New Retail the Final Form of Retail? The answer to the question "What do you think? How will China's new retail landscape change in the future? What is new retail in the first place? looking back at the "newretail" of the past What's the future of "new retail"? Compilation What is New Retail? In thinking about the future of new retail, it is necessary to first consider what new retail is. New Retail, Liu says, is "more efficient retail" and not the "most efficient retail". In other words, in terms of increasing efficiency, new retail is something that has been and will continue to be around. A look back at past "New Retail" As an example, Mr.
Read more