Franklin

Self-Sovereign Identity.

Author/Creator:
Preukschat, Alex.
Publication:
New York : Manning Publications Co. LLC, 2021.
Format/Description:
Book
1 online resource (552 pages)

Form/Genre:
Electronic books.
Contents:
Intro
Self-Sovereign Identity
Copyright
dedication
contents
front matter
preface
acknowledgments
about this book
Who should read this book
About the code
liveBook discussion forum
Other online resources
about the authors
about the cover illustration
Part 1 An introduction to SSI
1 Why the internet is missing an identity layer-and why SSI can finally provide one
1.1 How bad has the problem become?
1.2 Enter blockchain technology and decentralization
1.3 The three models of digital identity
1.3.1 The centralized identity model
1.3.2 The federated identity model
1.3.3 The decentralized identity model
1.4 Why "self-sovereign"?
1.5 Why is SSI so important?
1.6 Market drivers for SSI
1.6.1 E-commerce
1.6.2 Banking and finance
1.6.3 Healthcare
1.6.4 Travel
1.7 Major challenges to SSI adoption
1.7.1 Building out the new SSI ecosystem
1.7.2 Decentralized key management
1.7.3 Offline access
References
2 The basic building blocks of SSI
2.1 Verifiable credentials
2.2 Issuers, holders, and verifiers
2.3 Digital wallets
2.4 Digital agents
2.5 Decentralized identifiers (DIDs)
2.6 Blockchains and other verifiable data registries
2.7 Governance frameworks
2.8 Summarizing the building blocks
References
3 Example scenarios showing how SSI works
3.1 A simple notation for SSI scenario diagrams
3.2 Scenario 1: Bob meets Alice at a conference
3.3 Scenario 2: Bob meets Alice through her online blog
3.4 Scenario 3: Bob logs in to Alice's blog to leave a comment
3.5 Scenario 4: Bob meets Alice through an online dating site
3.6 Scenario 5: Alice applies for a new bank account
3.7 Scenario 6: Alice buys a car
3.8 Scenario 7: Alice sells the car to Bob
3.9 Scenario summary
Reference
4 SSI Scorecard: Major features and benefits of SSI
4.1 Feature/benefit category 1: Bottom line
4.1.1 Fraud reduction
4.1.2 Reduced customer onboarding costs
4.1.3 Improved e-commerce sales
4.1.4 Reduced customer service costs
4.1.5 New credential issuer revenue
4.2 Feature/benefit category 2: Business efficiencies
4.2.1 Auto-authentication
4.2.2 Auto-authorization
4.2.3 Workflow automation
4.2.4 Delegation and guardianship
4.2.5 Payment and value exchange
4.3 Feature/benefit category 3: User experience and convenience
4.3.1 Auto-authentication
4.3.2 Auto-authorization
4.3.3 Workflow automation
4.3.4 Delegation and guardianship
4.3.5 Payment and value exchange
4.4 Feature/benefit category 4: Relationship management
4.4.1 Mutual authentication
4.4.2 Permanent connections
4.4.3 Premium private channels
4.4.4 Reputation management
4.4.5 Loyalty and rewards programs
4.5 Feature/benefit category 5: Regulatory compliance
4.5.1 Data security
4.5.2 Data privacy
4.5.3 Data protection
4.5.4 Data portability
4.5.5 RegTech (Regulation Technology)
References
Part 2 SSI technology
5 SSI architecture: The big picture
5.1 The SSI stack
5.2 Layer 1: Identifiers and public keys
5.2.1 Blockchains as DID registries
5.2.2 Adapting general-purpose public blockchains for SSI
5.2.3 Special-purpose blockchains designed for SSI
5.2.4 Conventional databases as DID registries
5.2.5 Peer-to-peer protocols as DID registries
5.3 Layer 2: Secure communication and interfaces
5.3.1 Protocol design options
5.3.2 Web-based protocol design using TLS
5.3.3 Message-based protocol design using DIDComm
5.3.4 Interface design options
5.3.5 API-oriented interface design using wallet Dapps
5.3.6 Data-oriented interface design using identity hubs (encrypted data vaults)
5.3.7 Message-oriented interface design using agents
5.4 Layer 3: Credentials
5.4.1 JSON Web Token (JWT) format
5.4.2 Blockcerts format
5.4.3 W3C verifiable credential formats
5.4.4 Credential exchange protocols
5.5 Layer 4: Governance frameworks
5.6 Potential for convergence
References
6 Basic cryptography techniques for SSI
6.1 Hash functions
6.1.1 Types of hash functions
6.1.2 Using hash functions in SSI
6.2 Encryption
6.2.1 Symmetric-key cryptography
6.2.2 Asymmetric-key cryptography
6.3 Digital signatures
6.4 Verifiable data structures
6.4.1 Cryptographic accumulators
6.4.2 Merkle trees
6.4.3 Patricia tries
6.4.4 Merkle-Patricia trie: A hybrid approach
6.5 Proofs
6.5.1 Zero-knowledge proofs
6.5.2 ZKP applications for SSI
6.5.3 A final note about proofs and veracity
References
7 Verifiable credentials
7.1 Example uses of VCs
7.1.1 Opening a bank account
7.1.2 Receiving a free local access pass
7.1.3 Using an electronic prescription
7.2 The VC ecosystem
7.3 The VC trust model
7.3.1 Federated identity management vs. VCs
7.3.2 Specific trust relationships in the VC trust model
7.3.3 Bottom-up trust
7.4 W3C and the VC standardization process
7.5 Syntactic representations
7.5.1 JSON
7.5.2 Beyond JSON: Adding standardized properties
7.5.3 JSON-LD
7.5.4 JWT
7.6 Basic VC properties
7.7 Verifiable presentations
7.8 More advanced VC properties
7.8.1 Refresh service
7.8.2 Disputes
7.8.3 Terms of use
7.8.4 Evidence
7.8.5 When the holder is not the subject
7.9 Extensibility and schemas
7.10 Zero-knowledge proofs
7.11 Protocols and deployments
7.12 Security and privacy evaluation
7.13 Hurdles to adoption
References
8 Decentralized identifiers
8.1 The conceptual level: What is a DID?
8.1.1 URIs
8.1.2 URLs
8.1.3 URNs
8.1.4 DIDs
8.2 The functional level: How DIDs work
8.2.1 DID documents
8.2.2 DID methods
8.2.3 DID resolution
8.2.4 DID URLs
8.2.5 Comparison with the Domain Name System (DNS)
8.2.6 Comparison with URNs and other persistent Identifiers
8.2.7 Types of DIDs
8.3 The architectural level: Why DIDs work
8.3.1 The core problem of Public Key Infrastructure (PKI)
8.3.2 Solution 1: The conventional PKI model
8.3.3 Solution 2: The web-of-trust model
8.3.4 Solution 3: Public key-based identifiers
8.3.5 Solution 4: DIDs and DID documents
8.4 Four benefits of DIDs that go beyond PKI
8.4.1 Beyond PKI benefit 1: Guardianship and controllership
8.4.2 Beyond PKI benefit 2: Service endpoint discovery
8.4.3 Beyond PKI benefit 3: DID-to-DID connections
8.4.4 Beyond PKI benefit 4: Privacy by design at scale
8.5 The semantic level: What DIDs mean
8.5.1 The meaning of an address
8.5.2 DID networks and digital trust ecosystems
8.5.3 Why isn't a DID human-meaningful?
8.5.4 What does a DID identify?
9 Digital wallets and digital agents
9.1 What is a digital wallet, and what does it typically contain?
9.2 What is a digital agent, and how does it typically work with a digital wallet?
9.3 An example scenario
9.4 Design principles for SSI digital wallets and agents
9.4.1 Portable and Open-By-Default
9.4.2 Consent-driven
9.4.3 Privacy by design
9.4.4 Security by design
9.5 Basic anatomy of an SSI digital wallet and agent
9.6 Standard features of end-user digital wallets and agents
9.6.1 Notifications and user experience
9.6.2 Connecting: Establishing new digital trust relationships
9.6.3 Receiving, offering, and presenting digital credentials
9.6.4 Revoking and expiring digital credentials
9.6.5 Authenticating: Logging you in
9.6.6 Applying digital signatures
9.7 Backup and recovery
9.7.1 Automatic encrypted backup
9.7.2 Offline recovery
9.7.3 Social recovery
9.7.4 Multi-device recovery
9.8 Advanced features of wallets and agents
9.8.1 Multiple-device support and wallet synchronization
9.8.2 Offline operations
9.8.3 Verifying the verifier
9.8.4 Compliance and monitoring
9.8.5 Secure data storage (vault) support
9.8.6 Schemas and overlays
9.8.7 Emergencies
9.8.8 Insurance
9.9 Enterprise wallets
9.9.1 Delegation (rights, roles, permissions)
9.9.2 Scale
9.9.3 Specialized wallets and agents
9.9.4 Credential revocation
9.9.5 Special security considerations
9.10 Guardianship and delegation
9.10.1 Guardian wallets
9.10.2 Guardian delegates and guardian credentials
9.11 Certification and accreditation
9.12 The Wallet Wars: The evolving digital wallet/agent marketplace
9.12.1 Who
9.12.2 What
9.12.3 How
Reference
10 Decentralized key management
10.1 Why any form of digital key management is hard
10.2 Standards and best practices for conventional key management
10.3 The starting point for key management architecture: Roots of trust
10.4 The special challenges of decentralized key management
10.5 The new tools that VCs, DIDs, and SSI bring to decentralized key management
10.5.1 Separating identity verification from public key verification
10.5.2 Using VCs for proof of identity
10.5.3 Automatic key rotation
10.5.4 Automatic encrypted backup with both offline and social recovery methods
10.5.5 Digital guardianship
10.6 Key management with ledger-based DID methods (algorithmic roots of trust)
10.7 Key management with peer-based DID methods (self-certifying roots of trust)
Notes:
Description based on publisher supplied metadata and other sources.
Contributor:
Reed, Drummond.
ISBN:
1-63835-102-3
OCLC:
1259593342