Decentralized Identity

Ravi Kaushik
Founder @ Simtel.AI

1. Trust

Trust is indispensable for business. All businesses have to rely on counterparties to carry out a buy/sell operation. Every business transaction involves two or more well-identified parties and complex interactions, and comes with its own set of rules and regulations. A successful binding contract is one that considers the legal aspects of governance, handles all scenarios and is fully automated, without subjective interpretation.

2. Privacy

Privacy of an entity is clearly an important part of trust, simply because of the need to share only the information that is relevant to the transaction. Data is the new oil, but when data leaks light up, they destroy the ecosystem and become a towering inferno. This is hard to understand for industries that have been set up with legacy systems and central players. They are barely getting by every day, ensuring privacy and governance laws are met.

3. AI Automation

AI Automation ensures that we

4. Web3 Decentralization

1. AAA Framework of Identity

  • Authentication - Verify that an individual on the internet is truly the digital representation of the physical-world person who previously registered with the credentials
  • Authorization - Tag and authorize an individual with minimum access to resources, so that the person can perform the tasks assigned by the administrator of the system
  • Accounting - Monitor authenticated user behavior for a single session for compliance and analytical purposes

Lifecycle of an Identity

A user passes through the following steps during identification and an authorized session:

  • Identity Provisioning
  • Authentication with username/password, unique strings, Q&A, hardware/software unique random number generation
  • Session Management and Authorization
  • Reauthentication from time to time
  • Modification/enforcement/reinforcement of Authentication/Authorization Schemes
  • Monitoring while authenticated
  • Ending of the formal session
  • Deletion of an account

Currently, in Web 2.0, each central player maintains its own central database server hosting a large number of users to manage authentication, while outsourcing some or all of authorization to IDP players.

Web 3.0 is expected to be more universal across the internet; however, the underlying architecture is managed by a decentralized network that is not owned by any specific organization.

History of Identification

To identify an individual in a digital landscape, identity was centralized and stored on a central server in a filesystem. As things evolved, usernames and passwords were introduced, along with one-way hashing of the user credentials and salting (a technique for uniform random distribution), but the credentials were still stored in filesystems.

Cryptography as a computer science subject evolved over time, and asymmetric cryptography in the form of private and public keys is now used to log in to intranets and the internet.

Further evolution of digital systems has led to the use of one-time passwords (OTPs) delivered through e-mail, phone and other dedicated hardware devices. The OTP had to be truly random in nature to avoid being hacked.

Since the millennium, the Kerberos, OAuth1, OAuth2 and SAML protocols have been developed and extended to keep in line with evolving internet technologies and to avoid hacking and identity theft, each of them serving a different purpose.

OAuth 2.1

OAuth is an authorization framework modeled as a client-server architecture. If a user wants to access a resource owned by the Relying Party (RP), an Identity Provider (IDP) is an intermediary that can grant access to certain user attributes and send them to the RP when the RP forwards a user authorization to the IDP. OAuth2 is the latest attempt by the IETF to deprecate some RFCs and highlight some important concerns around security flaws in OAuth 2.0, which has existed since 2012.

OIDC 2.0

OpenID Connect 2.0 is the current popular authentication framework on which most websites run. OIDC 2.0 sits on top of the OAuth framework and powers authentication and authorization across multiple resources, which could be several websites, internal resources of a company or external resources across a network.

Decentralized Identity

It is expected that in the near future we will have fully self-sovereign identity on a permissioned blockchain network, where the identity can authenticate itself and is governed by the security systems set up within the network. The identity can be authenticated in newer ways using Zero-Knowledge Proofs, for which there are already some implementations such as zk-SNARKs. It will be universal and self-sovereign, and large data breaches are expected to be nullified. Decentralization helps an identity authenticate with co-tenants on the network without the use of private or sensitive information. Privacy can be maintained because no data is shared for authentication or other purposes.
