@ Volodymyr Pavlyshyn
2023-07-30 11:00:33
In 2005, Microsoft’s Chief Identity Architect, Kim Cameron, wrote an influential paper called The Laws of Digital Identity.
Laws of identity
Kim Cameron's Laws of Identity
- Law of Control: Users must have control over their own digital identities. They should be able to decide and control how their identities are used and shared.
- Law of Minimal Disclosure: The solution which discloses the least identifying information and best limits its use is the most stable, long-term solution.
- Law of Justifiable Parties: Digital identity systems must limit disclosure of identifying information to parties having a necessary and justifiable place in a given identity relationship.
- Law of Directed Identity: A universal identity system must support both "omnidirectional" identifiers for use by public entities and "unidirectional" identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.
- Law of Pluralism: A universal identity system must channel and enable the interworking of multiple identity technologies run by multiple identity providers.
- Law of Human Integration: The identity system must define the human user as a component integrated through protected and unambiguous human-machine communications.
- Law of Consistent Experience Across Contexts: The unifying identity metasystem must provide a simple, consistent experience while enabling separation of contexts through multiple operators and technologies.
These principles are designed to ensure user control, privacy, and security in digital identity systems, and they have influenced a wide range of subsequent work in digital identity.
The paper defines the core principles of a meta-identity system that allow building the next generations of identity systems.
Let's look at how the Self-Sovereign Identity principles support these laws and make it possible to build a meta-identity system on top.
SSI principles
Principles of Self-Sovereign Identity (SSI)
- Existence: Users must have an independent existence. Their identities should exist even outside of the digital realm.
- Control: Users must control their identities. They should have the ability to access, manage, and control the data and information that is associated with their identity.
- Access: Users must have access to their own data. They should be able to retrieve, move, and store their data as they wish.
- Transparency: Systems and algorithms must be transparent. The systems used to administer and operate a user's identity must be open, both in how they function and in how they are managed and governed.
- Persistence: Identities must be long-lived. Ideally, they should last forever, or at least for as long as the user wishes.
- Portability: Information and services about identity must be transportable. They should not be held by a singular third-party entity, even if it's a trusted entity.
- Interoperability: Identities should be as widely usable as possible. They should function in all the places where identity information is required.
- Consent: Users must agree to the use of their identity. Their consent should be a requirement for any identity transactions in which their data is utilized.
- Minimization: Disclosure of claims must be minimized. When data is disclosed, the user should provide the minimal amount of data necessary for the transaction.
- Protection: The rights of users must be protected. Whether through legal means or through the architecture of the identity system itself, a user's rights, including their right to privacy, should be protected.
SSI puts the individual at the center of digital identity management, providing a strong framework for privacy, security, and user control.
Figure: correlation of digital identity laws and SSI principles. © A Comprehensive Guide to Self Sovereign Identity
In the picture, we see a mapping of laws to principles. Only one item is missing: Directed Identity, which is covered by DIDs. Entities should have public, resolvable identifiers as well as private peer-to-peer ones that allow building pseudo-anonymous relationships.
You can find more details in the book.
Learn digital identity
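The Law of Directed Identity above, shown as an added example that is not part of the original article: one public ("omnidirectional") identifier becomes a correlation handle across relying parties, while per-relationship ("unidirectional") identifiers do not. Pairwise identifiers are derived here with HMAC-SHA256 from a wallet secret as a simplification (pairwise DIDs normally carry their own key pair); the `did:example:` prefix, party names and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

PREFIX = "did:example:"  # illustrative prefix, not a real DID method


def public_identifier(name):
    """Omnidirectional: every party sees the same, discoverable value."""
    return PREFIX + hashlib.sha256(name.encode()).hexdigest()[:32]


def pairwise_identifier(master_secret, relying_party):
    """Unidirectional: one identifier per relationship.

    Only the holder of master_secret can link two of these values.
    """
    tag = hmac.new(master_secret, relying_party.encode(), hashlib.sha256)
    return PREFIX + tag.hexdigest()[:32]


def correlation_handles(views):
    """Return identifiers seen by more than one party.

    views maps a party name to the set of identifiers it has received.
    Anything returned is a value colluding parties could join records on.
    """
    seen, shared = set(), set()
    for ids in views.values():
        shared |= seen & ids
        seen |= ids
    return shared


def demo(master_secret):
    # Constructed relying parties and a constructed public entity.
    parties = ["shop.example", "clinic.example", "forum.example"]
    public_id = public_identifier("Example Registry Ltd")
    omni = {p: {public_id} for p in parties}
    uni = {p: {pairwise_identifier(master_secret, p)} for p in parties}
    return correlation_handles(omni), correlation_handles(uni)


if __name__ == "__main__":
    shared_public, shared_private = demo(secrets.token_bytes(32))
    print("handles with one public identifier:", shared_public)
    print("handles with pairwise identifiers: ", shared_private)
```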