Identosphere 38a • ¡Help Wanted! • Improving US Cybersecurity • Korea adopts decentralized ID
In part one of this weeks updates check out the latest research literature, public sector updates, company news, Covid news and juicy blog posts!
Welcome and Thanks to our Patrons!
We’re still working on that mailing list digest, but that will be released to patrons in the next few days (hopefully).
In other news, since this newsletter is always overflowing, and this week it’s even fuller than ever, we’re splitting this weeks Identosphere into 2 parts.
The problem is that some e-mail clients \ providers will truncate messages beyond a certain length. We’re trying to figure out if we should just publish long newsletters and readers can visit the website for the rest, or if we should always keep the newsletter within those limits? For this week, you get two! Please let us know what you think in the comments.
Read previous issues and Subscribe @ https://newsletter.identosphere.net
We’ve been considering the idea of seeking help for the creation of the Identosphere newsletter and related products. There are a lot of possibilities for the growth of this publication, but only so many hours in the day, and we each have our specialties.
Every week we spend an hour or two gathering news-items from various feeds, but processing those into this newsletter can be time-consuming.
For another thing, there’s so much more news and information than there is room in this e-mail. Perhaps, every week we ought to have a public newsletter and one that just goes out to patrons. Or maybe there is another creative solution we’ve yet to consider.
At the moment, there isn’t a ton of cash to go around, but we’re happy to compensate and open to ideas. Maybe all we need is a little help to take it to the next level. You might be the perfect addition to this team, and have some creative solutions on how to better manage the influx of decentralized identity intelligence.
7 Principles of Digital Being Identiverse - Nat Sakimura • June 30
Identihack | DIDI (LatAm Hackathon) • 6/28-7/16
34th The European Association for e-Identity and Security Annual Conference• 6/29-7/1
‘Securing Trust in the New Digital Reality’ (Kaliya is speaking)
Iowa .NET User Group with IdRamp Moving Beyond the Password • 7/8
Special Topics IIW
IIW 33 October 12-14th Virtual
On the Trust and Trust Modelling for the Future Fully-Connected Digital World: A Comprehensive Study
Under our analysis of trust and the digital world, we define differenttypes of trust relationships and find out the factors that are needed to ensure a fully representative model.Next, to meet the challenges of digital trust modelling, comprehensive trust model evaluation criteria areproposed, and potential securities and privacy issues of trust modelling are analyzed. Finally, we provide awide-ranging analysis of different methodologies, mathematical theories, and how they can be applied totrust modelling
I identify a series of competing logics in the debates around SSI’s emancipatory potential, which relate to four issues: (i) the neutrality of the technology, (ii) the capacities of refugees, (iii) global governance and the nation state, and (iv) new economic models for digital identity. SSI is simultaneously the potential enabler of new modes of empowerment, autonomy and data security for refugees and a means of maintaining and extending bureaucratic and commercial power. I situate SSI in a genealogy of systems of identity control and argue that, in practice, it is likely to feed into the powers of corporations and states over refugee populations.
zkKYC A solution concept for KYC without knowing your customer, leveraging self-sovereign identity and zero-knowledge proofs
The proposed solution concept, zkKYC, removes the need for the customer toshare any personal information with a regulated business for the purpose of KYC, and yet providesthe transparency to allow for a customer to be identified if and when that is ruled necessary by adesignated governing entity (e.g. regulator, law enforcement).
SSI Book Available for Purchase
It combines a clear, jargon-free introduction to this blockchain-inspired paradigm shift with interesting essays written by its leading practitioners. Whether for property transfer, ebanking, frictionless travel, or personalized services, the SSI model for digital trust will reshape our collective future.
“Media company” guys like Davis are still in a seller’s market for wisdom that was BS even when only the TV guys spoke it — back when it literally required the movie “Network.” That market will dry up. Why? Because we’ve been mad as hell for about hundred years, and now we don’t have to take it anymore.
What could be more worked-over than our new nature as digital beings? Consider where and what you are reading right now, on your desk, your lap or in your hand. This was barely imaginable when the word “journalism” came into use around 1830.
Everybody has our data ... except us reb00ted
Google has all my e-mail. (And I don’t. They merely let me access it with a browser.)
Facebook has the list of all of my friends and what I said to them. (And I don’t.)
LinkedIn has all of my business contacts. (Repeat after me: and I don’t.)
Instagram has all my photos. Well, the Instagram department of Facebook does. (Chorus now: and I don’t.)
Amazon has the list of all my purchases, and knows what products I was interested in but didn’t buy after all. (AND I DON’T.)
Reciprocal Negotiated Accountability Phil Windley
The self-sovereign internet underscores a tension between those who desire perfect oversight of society and those who desire perfect privacy. In this post, I explore a method for conditional legibility of private communications.
What Is Authentication? 1Kosmos
Authentication is the process of proving that a user is who they claim to be to access system resources or features. Typically, this calls for some type of proof, whether that is a physical piece of information, a secret piece of information or some other immutable form of evidence.
A digital identity wallet enables a user to establish relationships and interact with third parties in a trusted manner. While the wallet aspect is mainly dealing with key management, storage aspects and the graphical interface (UI = User Interface), the third party interactions are rather organised by your agent, which is a part of your wallet.
Personal Identity and the Future of Digital Interactions Ping Identity
What if individuals could determine how to share data and with whom? What if that data was always up to date? And what if instead of merely having a unified customer profile in a single company, each person could have one identity experience for all the companies and people they interact with?
Now with the 4th industrial (digital) revolution the old vertical, siloed trust models are breaking down and we are moving to a more horizontal, distributed environment.
A Collaborative Approach to Meeting the Challenges in President Biden’s Executive Order on Improving US Cybersecurity
One key aspect outlined in Section 4 of the Executive Order (EO) is securing the software supply chain. At issue here is the reality that the U.S. federal government—like nearly any other organization on the planet that uses computer technology in any form—relies on not just one but numerous types of software to process data and run operational equipment.
Adopting blockchain technology is seen as a necessity by the Korean government and multiple institutions are backing its continuous research and development, including the Ministry of Science and Technology (ICT), The Korea Internet Security Agency (KISA), Defense Acquisition Program Administration (DAPA), National IT Industry Promotion Agency (NIPA), and Korea Post among others.
LG CNS wins Korean government contract for decentralized identity for driver’s licenses Ledger Insights
Adopting DID technology provides numerous benefits but two stand out. Firstly, it should make it far harder to forge a license because credentials can be verified. Additionally, OmniOne includes FIDO biometric security. The second key benefit is that an individual can choose how much data to share.
It starts with IdentityOps embracing high assurance for connected devices. You’re bringing together internal stakeholders from your network management, security, procurement, legal, and device care teams. You’re bringing in clinical outcome quality professionals concerned with data provenance, from clinicians who touch your devices and authenticate through them and authorize them to provide services.
Elizabeth Renieris, a fellow at Stanford University who studies digital identification systems, said the feature may be easy-to-use and save time. Those conveniences, however, come at a cost: Turning every instance in which we show our ID into a business opportunity.
Encoding Trust that Travels with Data — A New Product Introduction Case Study Powered by Solutions Design with Transmute
underpinned by GS1 as a root of trust in the network — continuing a rich history for GS1 in this role. GS1 licenses and identifiers are and will continue to be at the foundation of trusting products and companies. Combining current practices with verifiable credential, decentralized identifier, and GS1 Digital Link standards disambiguating products builds business reputation for just-in-time engagement while keeping information up to date.
Verified.Me ensures that only authorized attributes are shared with explicit user consent. The service bridges together multiple participants within a common ecosystem to verify the identities of users securely and privately across the participating organizations with others within the group.
It can be integrated into new or existing ecosystems and provide fundamental decentralized identity infrastructure for users to authenticate, issue and receive Verifiable Credentials or transfer data. This allows for many innovative use cases like credential-based access management, automatic credential verification or trusted data transfer.
Together SITA and Indicio.tech utilized Hyperledger Aries, Ursa, and Indy to create a secure travel credential that is accepted by airlines, hotels and hospitality partners without sharing private health information. In this panel discussion, SITA and Indicio.tech will share their journey of applying verifiable credentials in commercial aviation and travel/hospitality to make it easy for visitors entering a country to share a trusted traveler credential – based on their health status, yet revealing no personal information or health data – privately and securely on their mobile device.
We are starting a new research project — and we’d like you to join us on the journey. Over the course of 2021, Qhala and Caribou Digital, with the support of the Mastercard Foundation, will work to understand the impact of COVID-19 on young women’s experiences working or selling through online platforms in Kenya.