The internet was built to allow computers to communicate with each other. Each computer has its own identity, called an Internet Protocol or IP Address, which is similar to a street address or telephone number. Every computer in a network has a log of which other computers it has talked to and when. This is a built-in layer of security that serves as protection against unauthorized entry or tampering.
Things get more complicated when human beings, or dogs, enter the picture. Remember the iconic New Yorker cartoon that shows a dog working at a computer saying to his companion “On the Internet, nobody knows you’re a dog.” That is as true as it is far-fetched. The internet was developed without a true user identity layer.
To address this infrastructure flaw, IBM announced on April 4 that it was joining the Sovrin Network, as a founding Steward, to help create, operate and maintain the Sovrin Foundation’s decentralized digital identity network. In the words of the announcement:
The Sovrin Network was purpose-built to add the missing identity layer to the Internet and provides a complete approach to identity from the distributed ledger to device, making secure and private self-sovereign digital identity possible for the first time in history.
The Sovrin Foundation, which guides the network, operates as a global public utility designed to provide a permanent, private and trustworthy identity for every entity on the Internet.
Along with other Stewards, IBM will dedicate hardware, security and network capacity to assist in the operation of this self-sovereign identity network which uses distributed ledger technology, or blockchain, to provide digital credentials to prove identity. that every individual, organization, and connected device have its own truly independent digital identity. Said Marie Wieck, general manager, IBM Blockchain:
Society is increasingly aware of the threat of personal identity theft while business and government witness an increase in risk and liability associated with their centralized identity systems. The emergence of distributed ledger technology is enabling the shift towards decentralized identities that allow individuals to have control of their personally identifiable information. In partnership with Sovrin, IBM can be a catalyst to help drive adoption and enable organizations worldwide to adopt and support self-sovereign identity.
To help ensure these digital identities are interoperable at a global scale, Sovrin Foundation Stewards run open source distributed ledger technology administered by the Hyperledger Foundation, as Project Indy.
This first of its kind self-sovereign identity network was created by an international team of experts, including IBM, across a diverse group of organizations. It is based on emerging standards from the World Wide Web Consortium (W3C) that standardize the format of digitally-signed credentials.
These verifiable credentials enable the cryptographically secure, peer-to-peer exchange of identity information in a manner that mimics the way identity attributes are exchanged in the physical world.
The use of public blockchains provides decentralized registration and discovery of the public keys needed to verify digital signatures. These two capabilities enable a new way to establish a global public utility for self-sovereign identity—lifetime portable digital identity that does not depend on any central authority and can never be taken away.
Said Dr. Phil Windley, chair of the Sovrin Foundation:
The Sovrin technology is poised to change the nature of identity interactions for untold millions of people, organizations and connected devices. IBM’s position as a leader in blockchain technology and their commitment to supporting and solving the problem of identity for all makes them a natural partner in this effort.
In case you’re wondering whether this is a case of ‘in your dreams’ the Sovrin Network was officially launched on August 1, 2017, following a six week test with a number of Sovrin Stewards who have executed the Sovrin Provisional Trust Framework (a legal contract) with the Sovrin Foundation. Sovrin Foundation chair Phillip J. Windley said:
We do not intend to ever reset the ledger. All transactions on the provisional network are “in production.” the provisional network is the real Sovrin network and is open for business. Transactions written to the provisional network will be part of the Sovrin ledger for all time.
In a digital economy, individuals and businesses need to establish secure, private and trusted transactions. The current method of username-password-based authentication falls far short.
Some of the giant “identity providers,” like Facebook and Google, provide just enough protection to keep you coming back (assuming you change the passwords frequently) but are useless in verifying yourself to thousands of other entities. The possibility always exists that your identity will be hacked.
Since 2017, more than 1,300 identity breaches have occurred in the U.S. causing some 175 million identity records to be compromised.
That is a far cry from the promise of a network operated by independent stewards that use the power of a hybrid distributed ledger as a fast, private and secure framework for providing every person, organization, and connected device a permanent identity with which to transact online and operate securely in everyday life.
That’s an outcome we can all cheer for.
Image credit - via FTVMS