Microsoft announces it will develop a blockchain identity solution

By | Friday, April 16, 2021


    Will Microsoft or any giant company that has made its fortunes by centralizing big data really be the leader of the decentralized future? Time will tell. On the upside, as a major player in the blockchain space, Microsoft would also be introducing the mainstream to blockchain and to the leading cryptocurrencies Bitcoin and Ethereum, whose established blockchains, with their successes and failures, are proving that the digitalization of data is transforming not only the conversation around business but also transactional relationships.

    When we become our digital identities in business transactions, our habits change and our outlook on paper money, with all of its inflationary, derivatives-driven, border-inducing pitfalls, shifts. One out of six people worldwide lacks legal identification, and the remaining global citizens who do have ID contend with an onslaught of bureaucratic requirements.

    Notarized copies assembled from a myriad of divisions and departments keep applicants on a merry-go-round that blockchain technology will put to an end.

    But centralization, by Microsoft, Google, Amazon or any tech giant, will continue until computers and computer fluency become the global mother tongue.

    February 12, The Future of Your Identity. With more established companies developing their own ecosystems to harness the power of public immutable ledgers that can store the types of personal data we use for Know Your Customer verifications, blockchain and DLT are gaining in popularity and purpose.

    As many of you experience every day, the world is undergoing a global digital transformation where digital and physical reality are blurring into a single integrated modern way of living. This new world needs a new model for digital identity, one that enhances individual privacy and security across the physical and digital world. And yet there is so much more we can do to empower everyone. We aspire to a world where the billions of people living today with no reliable ID can finally realize the dreams we all share like educating our children, improving our quality of life, or starting a business.

    To achieve this vision, we believe it is essential for individuals to own and control all elements of their digital identity. Rather than grant broad consent to countless apps and services, and have their identity data spread across numerous providers, individuals need a secure encrypted digital hub where they can store their identity data and easily control access to it. Each of us needs a digital identity we own, one which securely and privately stores all elements of our digital identity.

    This self-owned identity must be easy to use and give us complete control over how our identity data is accessed and used. We know that enabling this kind of self-sovereign digital identity is bigger than any one company or organization. New systems and big ideas often make sense on a whiteboard.

    All the lines connect, and assumptions seem solid. However, product and engineering teams learn the most by shipping. Today, the Microsoft Authenticator app is already used by millions of people to prove their identity every day.

    Own your digital identity

    Discover decentralized identity, a new way to provide ownership of personal data.

    Decentralized identity benefits

    For everyone: Own and control your digital identity and protect your privacy with secure user experiences.

    For organizations: Engage with less risk, use electronic claim verification, and improve transparency and auditability.

    For developers: Design user-centric apps and services and build true serverless apps that store data with users.

    They are spawning a multitude of development teams creating new cryptocurrency altcoins for inventive blockchain solutions at a furious pace. But with its massive user base, Microsoft is well positioned to capture a major market share.

    As a next step we will experiment with Decentralized Identities by adding support for them into Microsoft Authenticator.

    With consent, Microsoft Authenticator will be able to act as your User Agent to manage identity data and cryptographic keys. In this design, only the ID is rooted on chain. Initially we will support a select group of DID implementations across blockchains and we will likely add more in the future.

    We are counting on the support and input of our alliance partners, members of the Decentralized Identity Foundation, and the diverse Microsoft ecosystem of designers, policy makers, business partners, hardware and software builders. Most importantly, we will need you, our customers, to provide feedback as we start testing this first set of scenarios.

    This is our first post about our work on Decentralized Identity.


    Microsoft announces big blockchain identity systems project


    The idea involves designing portable credentials that would work a bit like Facebook Connect, allowing seamless access to all sorts of applications.

    But instead of Facebook or Microsoft holding the keys, you would. Proponents argue that would be a boon for privacy, because no one could follow your activity around the internet.

    They also say it would help curb major leaks and hacks, since large pools of user data would be less likely to be stored in one place. Eventually, more complex and sensitive forms of data, from insurance cards to passports, could perhaps be stored in a decentralized digital form. For a digital ID to work everywhere online, it needs buy-in from all the places that currently covet your login.

    Facebook, which is exploring blockchain technology and whose CEO has mused about a digital identity concept, is notably not a member. Bitcoin is notoriously slow, which has been a barrier to using it for much more than speculation.

    In upcoming posts we will share information about our proofs of concept as well as technical details for key areas outlined above.

    Author: Ben Canner. He previously worked as a corporate blogger and ghost writer.

    Connecting A “Heterogeneous Set Of User Interfaces”

    Because the keys for your DIDs never leave your hands, and all ION operations are signed locally on your device, you have the assurance that only you can modify the state of your DIDs, no matter how you choose to interact with the ION network. Identity Hubs provide secure, encrypted storage of personal data and they rely on decentralized systems (blockchains and distributed ledgers) to anchor their identifiers.

    A Credential is a set of multiple identity attributes, and an identity attribute is a piece of information about an identity (a name, an age, a date of birth). Credentials are issued by second parties who attest to the validity of the data inside the credential. Through the infrastructure of a blockchain, the verifying parties do not need to check the validity of the actual data in the provided proof but can rather use the blockchain to check the validity of the attestation and the attesting party (such as the government), from which they can determine whether to validate the proof.

    This is crucial as a distributed ledger is immutable, meaning anything that is put on the ledger can never be altered nor deleted, and thus no personal data should ever be put on the ledger.

    So, instead of storing actual private information, the only things stored on the ledger for the purpose of verification are:

    DIDs are a new type of unique identifier for verifying digital identities, and are entirely controlled by the identity owner. DIDs are independent of centralised registries, authorities or identity providers. Decentralized identifiers should be non-reassignable. They should be permanent. Other identifiers, such as IP address or email address, can be reassigned to other entities by whoever is in control.

    This reduces privacy and security. Decentralized identifiers should be resolvable. Decentralized identifiers should be cryptographically verifiable. Decentralized identifiers should be decentralized.

    Current identity management systems rely on centralized registries. Each of these registries ensures trust. DIDs do not depend on a central authority. Distributed ledger technology ensures trust as it allows everyone to have the same source of truth about the data in the credentials. For use cases where a DID is going to be unique. Decentralized Identifiers could then increase security, as they eliminate siloed identity management, and increase privacy, as they give the identity owner the opportunity to selectively disclose specific information about himself.

    Ultimately, they will turn digital identities into Self-Sovereign Identities as they allow each individual to own and control their identity without depending on other parties.

    Next to checking the attesting party, verification of a credential also includes checking the validity of the attestation itself. The registry contains the status of each credential, whether it has been revoked (deleted or updated) and hence whether this specific credential is still valid. In other words, the ledger enables everyone in the network to have the same source of truth about which credentials are still valid and who attested to the validity of the data inside the credential, without revealing the actual data.

    Revocation means deleting or updating a credential. The possibility for an issuer to revoke a credential is crucial to an identity infrastructure for the main reason that identities are dynamic. Attributes can change over time e.

    The fact is, however, that in order to ensure trustworthiness of the system and eliminate the possibility of fraud, credentials are immutable. After issuing, no one, not even the issuer, can change the information inside the credential.

    Hence, when attributes change, a new credential needs to be issued and the old one needs to be declared invalid. Thus, at each proof the user needs to prove that the credentials used in the proof are still valid.

    The revocation registry allows him to prove this without contacting the issuing party. For example, the Government issues a credential to you, that you have 3 children. A month later your family is blessed with a 4th child. Now, the Government will mark the previous credential, stating that you have 3 children, as invalid and will issue a new credential stating that you have 4 children.

    The revocation registry is a complex mathematical concept. Through identity management with blockchain technology, each user stores their digital identity credentials in a digital identity wallet on his devices, like his mobile phone. Which begs the question: what if his phone is lost or stolen? According to Sovrin, there are two steps to be taken. Digital Identity credentials are only valid if used from a device that was authorized to do so. This would take immediate effect and stop anyone from using the digital identity credentials on the phone.

    The thief would not be able to impersonate the user even if he has her passwords, biometrics or phone because the blockchain, immutable and secure, would contain a revocation registry for the phone. The second step prevents the thief from exploring the existing relationships between the device and other people or organisations.

    The second step thus is to revoke the existing relationship keys (pairwise connections where each of them has a unique key). These two steps stop an identity thief from using digital identity credentials to access new services or exploring relationships with existing ones.

    Meanwhile, the user can conveniently still use his credentials on another device. In many current cases, if users wished to cancel a stolen identity card, they would have to physically go to the municipality or governmental department, cancel that card and make a new one from scratch. That would take time and still would not prevent an identity thief from using your data. Sovrin has published a PDF with a thorough explanation of the technical aspects of device loss or theft, which we recommend.

    The first model of digital identity management was a siloed one. Each organisation issues a digital identity credential to a user to allow him to access its services. Each user needs a new digital identity credential for every new organisation he engages with. According to Elizabeth M. Just remember all the websites you had to register and create new passwords and login details for. Because of the poor user experience of the first model, third parties began issuing digital identity credentials that allow users to login to services and other websites.

    This, of course, raises privacy and security concerns. The emergence of Blockchain technology is what allowed the third model of identity management: Self-Sovereign Identity.

    I've been anchoring data to Bitcoin using Blockstack's subdomains protocol for a while (layer 2 batching).

    Is there a performance hit when using IPFS compared to a central cloud hosted provider? If IPFS is being used and my local computer is turned off who on the network is going to "pin" for free? I've replicated this architecture on Blockstack using automerge. The real problem I ran into is creating real life collaborative dapps. How does ION support group keys and indexing? For example, how would you create a social network feed for an invite only group?

    Blockstack Radiks is what I have been using to solve this problem in the Blockstack ecosystem. These are reflected in the protocol's rules that unlock a few key attributes we desired in an open protocol.

    Entities already maintain this sort of data today for free, so we believe they will continue to do so. You can also persist your own PKI metadata without the need to rely on anyone, which is a great feature of the protocol that empowers users to exist in the decentralized identity ecosystem without any aid from companies.

    I can see both business and private applications here. After reading a bit more, this all looks very promising. Thank you for taking the time to engage your community and offer them valuable dialogue.

    My only remaining ask is to please consider a. It seems that Azure always considers .NET only after the JS-folks are catered to, and this seems very backwards -- to the point of embarrassment. Azure Functions is a great example of this, where they are still trying to reconcile the two flavors of their offering and now only getting on their feet between the two after years of development. Further, the .NET representation in blockchain is non-existent. This would be an excellent entry-level introduction to a bunch of great .NET developers out there. Thanks in advance for any consideration.

    Is there a good example online or a blog post? What is the roadmap for streamlining private key management on the client side for the end users? Will login be streamlined for an end user like in Blockstack? Sounds really interesting. May I know the business model? Also would like to hear your comments on other initiatives in the market, such as Sovrin Hyperledger Indy compared to Microsoft's sidetree-based ION solution.

    I appreciate your team's effort and Microsoft's intent with ION, as this is clearly a gap in the digital identity service value chain. I have some queries related to preserving privacy and control of users digital identity transactions over the blockchain network.

    Would appreciate it if you could take a look. Or can I use the ION did method did:ion:? Are they complementary and both required in order to deploy a complete identity solution? Or can the Identity Hub perform all agents' functionalities? This has nothing to do with the content a person chooses to generate in association with their IDs, and the IDs cannot be 'deplatformed' by us or anyone else that runs an ION node (this is a core requirement).

    Hi Alex, I am looking forward to learning more about this project and how it evolves. Is there anybody in your Munich team in Germany who is part of this group? I consider myself an advocate for Digital Identity and I am discussing this matter with politicians on local and federal level.

    Maybe it is of mutual benefit to touch base. Cheers Erwin. This looks really interesting. I've been working on the Blockstack project for the past 18 months and am immediately wondering whether we can bind Blockstack human readable names to the sidetree generated unique identifiers?

    Hubs which will be a byproduct of that group are different than Indy Agents, as they do not have privileged access to data.