Self-Sovereign Identity: Proving Power over Legal Entities

Master thesis (2020)

Authors

T. Speelman Electrical Engineering, Mathematics and Computer Science

Contributors

J.A. Pouwelse Data-Intensive Systems - EEMCS (supervisor 1)
Jan S. Rellermeyer Data-Intensive Systems - EEMCS (supervisor 2)
N. Tintarev Web Information Systems - EEMCS (supervisor 2)
Faculty
Electrical Engineering, Mathematics and Computer Science
Copyright: © 2020 Tim Speelman
Self-Sovereign Identity Distributed Systems Authorisation Legal Entities Kamer van Koophandel
More Info
expand_more

Published Date

21-07-2020

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Abstract

Self-Sovereign Identity (SSI) is a new paradigm in digital identity systems that puts the end-user in control: no other actor manages, permits or revokes their digital existence. TrustChain is an academic peer-to-peer networking stack supporting SSI. It delivers passport-grade assurance by integrating with Dutch government. However, end-user control requires a programmed user agent with a human interface and protocols that enable meaningful communication with issuers and verifiers of identity data. This agent must be inter-operable with a large variety of parties and credentials. TrustChain lacks such an interface and protocols.   This thesis makes three main contributions. First, a theoretical framework is proposed for aligning notions of self-sovereignty across contexts, borders and cultures. It provides more detailed, focused and structured discourse than other work and helps consolidate design efforts. Second, a design project is done in collaboration with the Kamer van Koophandel (KVK). It focuses on `authorisation by legal entities', a class of identity problems that have no satisfactory solution yet. Third, a generic common `semantic layer' is prototyped, consisting of a smartphone based user agent and communication protocols. Its wallet-centric approach allows end-users to retrieve their data without leaving the app. The practical value of this prototype is evaluated at a construction site.  The case study shows that the Kamer van Koophandel, like other government institutions, can be a valuable data provider. However, their current legal framework and business model may restrict them. Absence of such vital institutions invites commercial parties to close the gap, threatening privacy and independence of end-users.   Finally, this work has three implications for TrustChain. First, attestation metadata must be considered confidential. Second, single-sided public revocation is required to ensure credential actuality without re-issuing. And third, non-interactive verification enables the construction of chains of untrusted issuers. This is a valuable feature as it enables individuals, not just organisations, to issue claims to others.