| Kantenartikel | Self-Sovereign Identities

Knots in the knowledge map


Business informatics

Self-Sovereign Identities

Reading time: 6 min.

Basically, a person has various attributes (e.g. name, age, place of residence, hobbies), which can be innate or acquired and change over the course of a person’s life. As a whole, the attributes represent a person and are the answer to the question “Who am I?”.

A person’s identity – regardless of whether it is analogue or digital – consists of several partial identities. [1]

Partial identities are any subset of the total attributes of a person. Intuitively, a person uses these in their daily interaction with other people. For example, many people make a distinction between work and private life, whereby this often means that professional, work-related attributes (e.g. university degree) are used to represent oneself in everyday working life, whereas attributes such as hobbies and interests are more important in private life. Nevertheless, there can be overlaps in the attributes of different sub-identities. A person’s name is a common example of this.

Depending on how many and which attributes are contained in a partial identity, this uniquely identifies a person. The passport as a document represents such a partial identity by physically (printed) containing its attributes. These partial identities are particularly important when it comes to binding something to a person. In the example of the passport, the right of access to a country can be linked to a specific person through the uniquely identifying partial identity.

In the digital age, the management of identities is becoming increasingly important due to the sharp rise in the number of interactions in the digital space. For example, many digital systems must ensure that only authorised users access resources. This requires the user to be identified. The user must therefore prove that they are authorised to access the system by means of an identity. Analogue systems (e.g. ID card checks) cannot be transferred to the digital world, or only to a limited extent. Nevertheless, it is important to transfer the advantages of analogue identity management systems into a digital equivalent that enables users to identify themselves in a data-sovereign manner.[2] This means that people should be able to manage their identities themselves and determine when they share which information with whom. The concept of self-sovereign identity (SSI) [3] describes a paradigm for the design of such data-sovereign digital identity management. SSI systems are based on the principles of controllability, portability and security of identities. In such a system, the roles of issuer, verifier and holder of digital credentials exist. Issuers are institutions or organisations that are authorised to issue digitally verifiable proofs of attributes (verifiable credentials) and lend them credibility through their authority. For example, ID cards issued by the Bundesdruckerei are more credible proofs than self-created ones. The credentials are then collected and stored in a smartphone application (wallet) that the identity holder controls and owns. This enables them to create partial identities from confirmed attributes, which they can present to a verifier in aggregated form (verifiable presentation). The verifier then only has to check whether the verifications were generated correctly by trustworthy issuers. The interaction constellation described above is often referred to as a trust triangle.

Das Diagramm zeigt die fünf Schritte einer Transaktion: Initiierung, Autorisierung, Abwicklung, Bestätigung und Abschluss. Es enthält Symbole für Personen, Organisationen, Systeme, Datenfluss und Prozesse.
Figure 1: Exemplary SSI relationship in the trust triangle

SSI systems are made possible and technically implemented using the basic building blocks of asymmetric cryptography. [4] Verifiable credentials are files that contain attributes and are then signed with the issuer’s private key. If the verifier now requests the attribute, the owner passes on the verifiable credential as a verifiable presentation, whereupon the verifier can verify the signature with the issuer’s public key. If the holder wants more privacy, he can also generate a cryptographic proof (zero-knowledge proof) for the verifier instead. This can then be passed on as a verifiable presentation and proves that the holder has a valid verifiable credential for the requested attribute without disclosing the attribute itself. [5] Ideally, a transparent register in which the public key is listed with the corresponding issuer is available for verifying the proofs. Furthermore, such a register is required to enable revocations and changes to certificates. This is particularly important when authorisations expire or expire. Blockchain technology lends itself as such a register, as it guarantees a high level of decentralisation and cryptographic verifiability. [6]

Comparability with analogue phenomena

The SSI paradigm can be compared to a personal check. In the example of a personal check, the person to be checked is comparable with the holder from the SSI system, the police officer with the verifier and the Bundesdruckerei with the issuer. The Bundesdruckerei issued the person with an ID card at a previous point in time, which is comparable to the Verifiable Credential. The ID card certifies certain attributes of the person (e.g. name, age, size) by means of various security features (e.g. microprinting, watermarks and UV printing) that only the issuer can create. These security features are comparable to the signature. The ID card is stored in the person’s wallet, which is comparable to an SSI wallet. During the identity check, the police officer will now request the attributes and the person will hand over the ID card (now comparable to a verifiable presentation), which is then checked for authenticity by the officer on the basis of the security features.

SSI extends this basic type of identity management to the digital space, resulting in a system that is superior to the analogue system in a number of ways. [7] Analogue ID documents represent a prefabricated set of verified attributes. If an additional attribute is requested, the ID document alone is no longer sufficient. For example, an identity card does not confirm a driving licence, and a driving licence is required as an additional document. A wallet only has limited space for many ID documents. The wallet in the SSI system, on the other hand, is able to store any number of verified attributes and thus makes it possible to construct the appropriate verifiable presentation for each query from the verifier. This also means that only the attributes that are queried are disclosed. This cannot be guaranteed in the analogue system. For example, if the official only wants to verify the age, the ID card will still reveal all the other attributes it contains.

Once a verifiable credential has been created, SSI can run completely digitally and automatically. One advantage of this is that attributes can be changed without much effort. Analogue documents, on the other hand, require a time-consuming, manual reissue process. Furthermore, signatures in combination with zero-knowledge proofs make it possible to make and verify statements about credentials, such as “The person’s age is over 18 and under 40”, without revealing the age itself. This is not possible in analogue systems.

Social relevance

SSI is highly relevant to society as it can enable efficient identity management in various sectors in an era of growing data protection concerns. The potential fits in with current demands for more data sovereignty in the context of digitalisation. Despite existing challenges, the importance of SSI could continue to grow if technological and regulatory hurdles are overcome. [7]