Andy Tobin's presentation does a great job of describing five problems of Internet identity that currently exist. We think that self-sovereign identity, and Sovrin in particular, can solve these five major problems.
5 major problems:
The Proximity Problem - It is as old as the well-known cartoon with the caption "On the Internet, nobody knows you're a dog". Because we're not actually talking with people, our usual means of knowing who we're dealing with are ineffectual. We have substituted the username-password-based authentication system for them. The consequence is that people's identity information ends up in numerous identity silos around the Internet.
The Scale Problem - Currently, digital identity relies on hubs of identity information. We log in using Google or Facebook, huge "identity providers." But for every place that uses one of these providers, there are many others that will never be part of the social login system. Many businesses are wary of giving up control of their customer information to another business that might choose next week to change things up.
The Flexibility Problem - So-called "identity solutions" are currently limited to fixed schemas or attribute sets. For example, GOV.UK Verify is a universal identity assurance system for UK citizens but has a restricted data set. And it's not likely that they could practically expand whatever schema they have to cover all use cases, even if they were inclined to do so.
The Privacy Problem - Current digital identity solutions depend on stores of data, often collected without the subject's knowledge. The data is copied over and over again in various systems. Third parties use general identifiers like phone numbers or Social Security Numbers to alter identity information, again without the subject's knowledge.
The Permission Problem - The information in these thousands of identity silos is often shared with others without permission. Sometimes this is done in service of the subject, but often it's done in service of the bottom line of the organization that controls the silo.
The Sovrin system
Sovrin has a unique architecture that solves these five identity problems. Sovrin aims to minimize disclosure, discourage correlation and promote security. Its structural design is decentralized so that these benefits are open to all. It comprises a careful blend of several important technologies:
Decentralized Identifiers (DIDs) - DIDs are identifiers intended for verifiable, self-sovereign digital identities. Sovrin uses them in a manner that is pseudonymous and pairwise. That is, each relationship is given a new, unique DID by default to prevent linking.
Confirmable Claims - Confirmable claims are the digital equivalent of the different third-party credentials we all carry around in our wallets. These credentials have a few important properties:
The issuer, not some central authority, determines the content and format of the credential.
Anyone can choose to accept whatever credentials suit their purposes.
Anyone can issue whatever credentials they like.
The credentials say who issued them (using a DID). They say who they're about (using a DID).
The credentials are tamper-evident.
Anyone can confirm the claims without any business arrangement or technical integration with the issuer.
Zero-Knowledge Proofs (ZKPs) - A ZKP allows a person to confirm things about themselves, based on confirmable claims, without having to reveal the claim itself. This reduces the amount of information given out by a person. For instance, a ZKP can just reveal that the holder of the claim is over 18 without revealing the date of birth or even their age at all. ZKPs also offer support for non-correlation by proving the claim is about the identity owner without revealing the identifier that the claim issuer has for the person.
Agents - Sovrin's structural design supports independent software agents that process and hold claims and perform identity transactions on the identity owner's behalf. These agents interoperate directly with each other as peers. Sovrin specifies the protocols that agents use so that agents from various vendors can work together and remain substitutable.
Distributed Ledger - The ledger provides a place where decentralized artifacts like DIDs, proofs and verifiable claims can be anchored. When agents resolve or create DIDs, they are interacting with the ledger. The ledger allows decentralized identity by doing away with the need for a central authority.
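The DID, claim and ledger properties described above can be seen together in the following added example, which is written for this page and is not Sovrin's own code: each relationship gets its own DID, and a credential that names its issuer and subject by DID is checked using only the issuer's key looked up on a ledger. The "did:example" prefix, the hex key encoding, the in-memory Ledger map, the use of Ed25519 signatures and all function names are assumptions made for illustration; zero-knowledge proofs are not modelled.

```go
package main

import (
	"crypto/ed25519"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// Ledger stands in for the distributed ledger: public DID -> verification key.
type Ledger map[string]ed25519.PublicKey
// Credential names issuer and subject by DID; Sig is excluded from the signed bytes.
type Credential struct {
	Issuer, Subject string
	Claims          map[string]string
	Sig             []byte `json:"-"`
}

// NewDID makes a key pair and a constructed "did:example" DID from the key bytes.
func NewDID() (string, ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	return "did:example:" + hex.EncodeToString(pub[:8]), pub, priv
}

// payload is the signed form; encoding/json sorts map keys, so it is stable.
func payload(c Credential) []byte { b, _ := json.Marshal(c); return b }
// Issue signs a credential about subject with the issuer's private key.
func Issue(issuer, subject string, claims map[string]string, key ed25519.PrivateKey) Credential {
	c := Credential{Issuer: issuer, Subject: subject, Claims: claims}
	c.Sig = ed25519.Sign(key, payload(c))
	return c
}

// Verify needs only the issuer's ledger entry, no contact with the issuer.
func Verify(l Ledger, c Credential) bool {
	pub, ok := l[c.Issuer]
	return ok && ed25519.Verify(pub, payload(c), c.Sig)
}

func main() {
	issuer, pub, priv := NewDID()
	forBank, _, _ := NewDID() // a fresh DID per relationship prevents linking
	cred := Issue(issuer, forBank, map[string]string{"over18": "true"}, priv)
	fmt.Println(Verify(Ledger{issuer: pub}, cred)) // true
	cred.Claims["over18"] = "false"                // tampering after issuance
	fmt.Println(Verify(Ledger{issuer: pub}, cred)) // false
}
```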
Solving Five Identity Problems
The Sovrin system is designed to solve the five problems of identity.
DIDs and confirmable claims solve the proximity problem by giving people the means to prove information about themselves at a distance.
The decentralized nature of claims and their schemas solves the flexibility problem because people can use Sovrin for any identity problem they face. Anyone can design whatever claims will solve their problem.
Zero-knowledge proofs and DIDs provide tools for increased privacy by supporting minimal disclosure and limiting correlation.
Sovrin supports consent because the identity owner is structurally part of all identity transactions. Sovrin records shared information and the terms of sharing.
The Internet introduced the proximity problem, and the available solutions and their innate limitations led us to the situation we're in now.
Sovrin benefits from years of cryptographic research and the modern common availability of decentralized ledger technology. It has to rethink identity solutions so that we can have flexible, scalable, private interactions with consent despite the issues that communicating at a distance raises.