SlideShare a Scribd company logo

Verifiable Credentials_Kristina_Identiverse2022_vFIN.pdf

Kristina Yasuda
Kristina Yasuda

What is a Verifiable Credential, and Why Does it Matter? https://identiverse.com/idv2022/session/841421/ "A verifiable credential (VC) is an assertion with a secret weapon – called a verifiable presentation (VP). VCs and VPs are unique in that they enable users to directly hold and present claims about themselves, issued by many different authorities. This is an important addition to the domain-relative credentials that are presented today as part of federated sign-in or SSO contexts. You may ask – why is that direct presentation important? Kristina Yasuda will talk through how VCs and VPs work, what makes VCs different from common federated credentials, and what VCs could change about how we interact with data in the future."

Internet
1 of 49
Download to read offline
#identiverse Architecture & Standards What is a Verifiable Credential, and Why Does it Matter?
#identiverse Identity Standards Architect Kristina Yasuda Microsoft
#identiverse This talk is NOT about W3C Verifiable Credentials Data Model, JWT-VC,s JWT-VPs, LDP-VCs, LDP-VPs, etc. It’s about… (you’ll see)
#identiverse How do we normally present Identity? (notice that it does not say “digital identity”)
#identiverse Plastic Cards in a Physical Wallet Source: Unsplash
#identiverse What is the emerging way to present Identity? (that we have been so excited about)
#identiverse Digital Cards in a Digital Wallet + …and other things Caveat: digital wallets can also hold…
#identiverse Let’s experience a digital wallet. (is it really that exciting?) Imagine when you checked into a hotel to attend Identiverse.
#identiverse Issued to Me Physical Wallet Digital Card Cards are issued to me (owner of the wallet) 1. Physical wallet and emerging digital wallet +
#identiverse Issued by the Authoritative Issuer Cards are issued by the authoritative issuer Plastic Card Digital Card 1. Physical wallet and emerging digital wallet +
#identiverse Cards are Portable I can carry the cards with me (for example, in a wallet) Physical Wallet Digital Card 1. Physical wallet and emerging digital wallet +
#identiverse Multi-Use of a Single Credential I can use the same card multiple times Physical Wallet Digital Card 1. Physical wallet and emerging digital wallet +
#identiverse Combine Multiple Cards in One Transaction I can show multiple cards at the same time Physical Wallet Digital Card 1. Physical wallet and emerging digital wallet +
#identiverse Issuer Might Not Know When and Where the Card is Used Issuer of the card might not know when and where I use the card Physical Wallet Digital Card 1. Physical wallet and emerging digital wallet
#identiverse Similarity in the Experience and Features Issued to? Issued by? Portable? Multi-Use? Combining multiple cards? Issuer knows? Yes Yes me the authoritative issuer Might not Yes Physical Wallet Digital Card 1. Physical wallet and emerging digital wallet +
#identiverse What are benefits of “Digital Cards”?
#identiverse Use-Case: Digital Driving License* Everything is moving into the phone Reducing human error during verification Unlocking online Use- Cases * Same value propositions will apply to the other credentials such as University Graduation Credentials for example 1. Physical wallet and emerging digital wallet
#identiverse How are “Digital Cards” different from the way we are used to presenting identity online?
#identiverse Yes, Federated Sign-in * Each company has offerings in both Consumer and Enterprise spaces Consumer* Enterprise*
#identiverse A new artifact introduced in the “Digital Cards” model* * Some “Digital Cards” use-cases do not require user signed artifact. Issuer-signed Card (what is issued) User Signature User-signed Card (what is presented, only in digital cards model) - Claims about the User - User Identifier - User’s Public Key Issuer Signature - Claims about the User - User Identifier Issuer Signature Not Bearer! Owned by a user who controls the private key tied to a public key. Claims inside can be about another user, if delegated
#identiverse Not everything changes, but some important differences Issuer (Website) Verifier (Website) Holder (Digital Wallet) Federated Sign-in Digital Cards model Identity Provider (Issuer) Relying Party (Verifier) Issuer- signed Sign Issuer- signed Sign User-signed Sign User Agent
#identiverse Issued to? Federated Sign-in Digital Card Cards are issued to me (owner of the wallet)* Issuer signed card is issued to the Relying Party (via the User Agent) *Issuer only has limited technical means to control at which verifier the user is going to use a digital credential. Not talking about delegation/guardianship scenarios here. 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet
#identiverse Issued by? The authoritative issuer (Identity Provider)* Federated Sign-in Digital Card 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet * Ratio of the Issuers to the Verifiers varies, too.
#identiverse Portable? (Identifier is what would allow Card portability) Globally unique identifier - not namespaced and is portable.* User identifier namespaced to the Identity Provider Federated Sign-in Digital Card * Depends whether the Verifier accepts non-namespaced identifier brought by the User. 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet
#identiverse Multi-Use? Same card can be used multiple times* ID Token is one- time use Federated Sign-in Digital Card * Same Issuer-signed credential, different user signature per presentation 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet
#identiverse Combining multiple cards from multiple issuers in one transaction? I can show multiple cards from multiple issuers in one transaction RP receives one ID Token from one IdP in one transaction* Federated Sign-in Digital Card * IdP can aggregate claims from multiple issuers, but authority of the original issuer is gone * Focus is on the deployed features of the Federated sign-in 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet
#identiverse Issuer knows about my usage? Depends on the use-case whether Issuer of the card knows when and where I use the card* Issuer of the ID Token knows when and where I used it, always Federated Sign-in Digital Card 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet * Some use-cases require the Issuer knowing where the card is used.
#identiverse Certain Differences -> can address different use-cases Issued to? me Relying Party Issued by? Authoritative Issuer Portable? (Identifier) Possible Within IdP Multi-Use? Yes One-Time Combining multiple cards? Yes Not used Issuer knows? Depends Yes Federated Sign-in Digital Card 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet
#identiverse When are the use- cases enabled by the differences of “Digital Cards”?
#identiverse Use-Case: Identity Governance Attribute-level Attestation 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet 3. Use-Cases when digital wallet is useful
#identiverse Use-Case: Authentication at the Edge No Account Creation * * Need a verifier who is ok not to create an account
#identiverse Use-Case: Supply Chain Scale across thousands of organizations + independent from the Issuer Availability + Ad-Hoc Trust* Possible 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet 3. Use-Cases when digital wallet is useful * When decision whether to trust a source of a request/response can be made when receiving that request/response (at a runtime)
#identiverse Beyond Technical Integration: Legal Agreements, Compliance, etc. (not a new problem) Digital Cards model Issuer (Website) Verifier (Website) Holder (Digital Wallet) Legal agreement* Legal agreement* Legal agreement* Federated Sign-in Identity Provider (Issuer) Relying Party (Verifier) End- User Legal agreement 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet 3. Use-Cases when digital wallet is useful * Can be ad-hoc trust or a legal agreement.
#identiverse Use-Case: Digital Driving License Public Perception 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet 3. Use-Cases when digital wallet is useful
#identiverse Benefits of Digital Cards Public Perception Scale Cross- Organization Trust + independent from the Issuer Availability No Account Creation (e.g. Authentication at the Edge) Attribute-level Attestation 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet 3. Use-Cases when digital wallet is useful
#identiverse Isn’t this talk about “Verifiable Credentials”?
#identiverse Meet Verifiable Credentials The idea of Verifiable Credentials is to design components and mechanisms necessary to use “Digital Cards”. Multiple design choices possible.
#identiverse Data-Models and Credential Formats of Verifiable Credentials * ISO/IEC 18013-5 mDL provided by Zetes Industries S.A. Verifiable Credentials W3C Verifiable Credentials Data Model JWT-VC LDP-VC AnonCreds mDL data model CBOR- encoded, COSE signed JSON- encoded, JSON signed* SMART Health Cards … …
#identiverse Standards that enable Verifiable Credentials Component Standards Exchange Protocol OpenID for VC Issuance, OpenID for VPs Subject-Signed Authentication Self-Issued OpenID Provider v2 Credential Formats W3C JWT-VC, W3C LDP-VC, ISO mDL, IETF SD-JWT, etc.… Entity Identifier DID methods, Raw keys, X.509 certs, etc. Cryptography EdDSA, ES256K, etc. Revocation Status List 2021, Revocation List 2020, Accumulators, etc. Trust Frameworks Trusted Registries, Ledgers, etc.
#identiverse How to find your peaceful spot for your use-case inside a Verifiable Credentials ecosystem? - Scope - Enterprise / Consumer / Government - Market - Established / Emerging - Use-Cases - High Assurance / Low Assurance - Identity of - Individual / Legal Entity / Machine Key Slide
#identiverse Food for thought - Attestations to prove security of a digital wallet? - Usage of the Cloud components? - Will Verifiers request digital cards more often than needed? - Attributes of each user in one place – higher risk for hacking? - Maturity of the Trust Frameworks? … 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet 3. Use-Cases when digital wallet is useful 4. Verifiable Credentials: Pros and Cons
#identiverse What we did not talk about - Revocation - Selective Disclosure - Refresh - Delegation / Guardianship use-cases - Unlinkability - (Web3 – digital cards are possible without blockchain/DLT) … 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet 3. Use-Cases when digital wallet is useful 4. Verifiable Credentials: Pros and Cons
#identiverse Now that you know what verifiable credentials are good for… Where in a verifiable credentials ecosystem does your use-case belong to? What aspects need a deep-dive to realize your use-case?* * Business? Legal? Technical? Standards? else?
#identiverse * Session may be called “Building Secure, Trusted and Interoperable Self-Sovereign Identity with OpenID Connect” in some parts of the Identiverse website. *
#identiverse Yes, flexibility of verifiable credentials is both exciting and confusing.
#identiverse But with a little bit of imagination your use-case will find a cool spot.
#identiverse Thank you!
#identiverse Some Real-life Examples mobile Driving Licence Vaccination QR Code
#identiverse Why these two are moving forward? mobile Driving Licence Vaccination QR Code • One large Verifier – TSA • No usage of Advanced Cryptography for Selective Disclosure or Predicates • Not doing Holder Binding • Make choices across technical stack to ensure interoperability (e.g. exchange protocols, credential format, data model, crypto suites, etc.) • Finding a verifier that does not require account creation • Focus on the existing ecosystems Mutual to both

Recommended

OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable CredentialsTorsten Lodderstedt
 
OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable CredentialsTorsten Lodderstedt
 
OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)Torsten Lodderstedt
 
OpenID for SSI
OpenID for SSIOpenID for SSI
OpenID for SSITorsten Lodderstedt
 
次世代KYCと自己主権型アイデンティティの動向
次世代KYCと自己主権型アイデンティティの動向次世代KYCと自己主権型アイデンティティの動向
次世代KYCと自己主権型アイデンティティの動向Naohiro Fujie
 
Self-issued OpenID Provider_OpenID Foundation Virtual Workshop
Self-issued OpenID Provider_OpenID Foundation Virtual Workshop Self-issued OpenID Provider_OpenID Foundation Virtual Workshop
Self-issued OpenID Provider_OpenID Foundation Virtual Workshop Kristina Yasuda
 
OpenID Connect 4 SSI (DIFCon F2F)
OpenID Connect 4 SSI (DIFCon F2F)OpenID Connect 4 SSI (DIFCon F2F)
OpenID Connect 4 SSI (DIFCon F2F)Torsten Lodderstedt
 
OpenID for Verifiable Credentials (IIW 35)
OpenID for Verifiable Credentials (IIW 35)OpenID for Verifiable Credentials (IIW 35)
OpenID for Verifiable Credentials (IIW 35)Torsten Lodderstedt
 

Recommended

OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable CredentialsTorsten Lodderstedt
 
OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable CredentialsTorsten Lodderstedt
 
OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)Torsten Lodderstedt
 
OpenID for SSI
OpenID for SSIOpenID for SSI
OpenID for SSITorsten Lodderstedt
 
次世代KYCと自己主権型アイデンティティの動向
次世代KYCと自己主権型アイデンティティの動向次世代KYCと自己主権型アイデンティティの動向
次世代KYCと自己主権型アイデンティティの動向Naohiro Fujie
 
Self-issued OpenID Provider_OpenID Foundation Virtual Workshop
Self-issued OpenID Provider_OpenID Foundation Virtual Workshop Self-issued OpenID Provider_OpenID Foundation Virtual Workshop
Self-issued OpenID Provider_OpenID Foundation Virtual Workshop Kristina Yasuda
 
OpenID Connect 4 SSI (DIFCon F2F)
OpenID Connect 4 SSI (DIFCon F2F)OpenID Connect 4 SSI (DIFCon F2F)
OpenID Connect 4 SSI (DIFCon F2F)Torsten Lodderstedt
 
OpenID for Verifiable Credentials (IIW 35)
OpenID for Verifiable Credentials (IIW 35)OpenID for Verifiable Credentials (IIW 35)
OpenID for Verifiable Credentials (IIW 35)Torsten Lodderstedt
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt
 
俺が考えた最強のID連携デザインパターン
俺が考えた最強のID連携デザインパターン俺が考えた最強のID連携デザインパターン
俺が考えた最強のID連携デザインパターンMasaru Kurahayashi
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt
 
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --Jun Kurihara
 
OpenID Connect 4 SSI
OpenID Connect 4 SSIOpenID Connect 4 SSI
OpenID Connect 4 SSITorsten Lodderstedt
 
OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36Torsten Lodderstedt
 
OIDC4VP for AB/C WG
OIDC4VP for AB/C WGOIDC4VP for AB/C WG
OIDC4VP for AB/C WGTorsten Lodderstedt
 
2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について
2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について
2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験についてFIDO Alliance
 
パスワード氾濫時代のID管理とは? ~最新のOpenIDが目指すユーザー認証の効率的な強化~
パスワード氾濫時代のID管理とは? ~最新のOpenIDが目指すユーザー認証の効率的な強化~パスワード氾濫時代のID管理とは? ~最新のOpenIDが目指すユーザー認証の効率的な強化~
パスワード氾濫時代のID管理とは? ~最新のOpenIDが目指すユーザー認証の効率的な強化~Tatsuo Kudo
 
認証から見たリモート署名 ー利用認証と鍵認可ー
認証から見たリモート署名 ー利用認証と鍵認可ー認証から見たリモート署名 ー利用認証と鍵認可ー
認証から見たリモート署名 ー利用認証と鍵認可ーNaoto Miyachi
 
安全なID連携のハウツー
安全なID連携のハウツー安全なID連携のハウツー
安全なID連携のハウツーMasaru Kurahayashi
 
S13_レガシー ID 管理者でも分かる Verifiable Credentials のセッション [Microsoft Japan Digital D...
S13_レガシー ID 管理者でも分かる Verifiable Credentials のセッション [Microsoft Japan Digital D...S13_レガシー ID 管理者でも分かる Verifiable Credentials のセッション [Microsoft Japan Digital D...
S13_レガシー ID 管理者でも分かる Verifiable Credentials のセッション [Microsoft Japan Digital D...日本マイクロソフト株式会社
 
OpenID Connect for W3C Verifiable Credential Objects
OpenID Connect for W3C Verifiable Credential ObjectsOpenID Connect for W3C Verifiable Credential Objects
OpenID Connect for W3C Verifiable Credential ObjectsTorsten Lodderstedt
 
IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15
IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15
IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15OpenID Foundation Japan
 
分散型IDと検証可能なアイデンティティ技術概要
分散型IDと検証可能なアイデンティティ技術概要分散型IDと検証可能なアイデンティティ技術概要
分散型IDと検証可能なアイデンティティ技術概要Naohiro Fujie
 
Verifiable Credentials for Travel & Hospitality
Verifiable Credentials for Travel & HospitalityVerifiable Credentials for Travel & Hospitality
Verifiable Credentials for Travel & HospitalityEvernym
 
なぜOpenID Connectが必要となったのか、その歴史的背景
なぜOpenID Connectが必要となったのか、その歴史的背景なぜOpenID Connectが必要となったのか、その歴史的背景
なぜOpenID Connectが必要となったのか、その歴史的背景Tatsuo Kudo
 
FIDOのキホン
FIDOのキホンFIDOのキホン
FIDOのキホンYahoo!デベロッパーネットワーク
 
OAuth 2.0による認可の流れ
OAuth 2.0による認可の流れOAuth 2.0による認可の流れ
OAuth 2.0による認可の流れTakeshi Mikami
 
SSIとDIDで何を解決したいのか?(β版)
SSIとDIDで何を解決したいのか?(β版)SSIとDIDで何を解決したいのか?(β版)
SSIとDIDで何を解決したいのか?(β版)Naohiro Fujie
 
Digital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For BanksDigital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For BanksEvernym
 
Digital signature
Digital signatureDigital signature
Digital signatureYash Karanke
 

More Related Content

What's hot

How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt
 
俺が考えた最強のID連携デザインパターン
俺が考えた最強のID連携デザインパターン俺が考えた最強のID連携デザインパターン
俺が考えた最強のID連携デザインパターンMasaru Kurahayashi
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt
 
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --Jun Kurihara
 
OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36Torsten Lodderstedt
 
2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について
2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について
2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験についてFIDO Alliance
 
パスワード氾濫時代のID管理とは? ~最新のOpenIDが目指すユーザー認証の効率的な強化~
パスワード氾濫時代のID管理とは? ~最新のOpenIDが目指すユーザー認証の効率的な強化~パスワード氾濫時代のID管理とは? ~最新のOpenIDが目指すユーザー認証の効率的な強化~
パスワード氾濫時代のID管理とは? ~最新のOpenIDが目指すユーザー認証の効率的な強化~Tatsuo Kudo
 
認証から見たリモート署名 ー利用認証と鍵認可ー
認証から見たリモート署名 ー利用認証と鍵認可ー認証から見たリモート署名 ー利用認証と鍵認可ー
認証から見たリモート署名 ー利用認証と鍵認可ーNaoto Miyachi
 
安全なID連携のハウツー
安全なID連携のハウツー安全なID連携のハウツー
安全なID連携のハウツーMasaru Kurahayashi
 
S13_レガシー ID 管理者でも分かる Verifiable Credentials のセッション [Microsoft Japan Digital D...
S13_レガシー ID 管理者でも分かる Verifiable Credentials のセッション [Microsoft Japan Digital D...S13_レガシー ID 管理者でも分かる Verifiable Credentials のセッション [Microsoft Japan Digital D...
S13_レガシー ID 管理者でも分かる Verifiable Credentials のセッション [Microsoft Japan Digital D...日本マイクロソフト株式会社
 
OpenID Connect for W3C Verifiable Credential Objects
OpenID Connect for W3C Verifiable Credential ObjectsOpenID Connect for W3C Verifiable Credential Objects
OpenID Connect for W3C Verifiable Credential ObjectsTorsten Lodderstedt
 
IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15
IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15
IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15OpenID Foundation Japan
 
分散型IDと検証可能なアイデンティティ技術概要
分散型IDと検証可能なアイデンティティ技術概要分散型IDと検証可能なアイデンティティ技術概要
分散型IDと検証可能なアイデンティティ技術概要Naohiro Fujie
 
Verifiable Credentials for Travel & Hospitality
Verifiable Credentials for Travel & HospitalityVerifiable Credentials for Travel & Hospitality
Verifiable Credentials for Travel & HospitalityEvernym
 
なぜOpenID Connectが必要となったのか、その歴史的背景
なぜOpenID Connectが必要となったのか、その歴史的背景なぜOpenID Connectが必要となったのか、その歴史的背景
なぜOpenID Connectが必要となったのか、その歴史的背景Tatsuo Kudo
 
OAuth 2.0による認可の流れ
OAuth 2.0による認可の流れOAuth 2.0による認可の流れ
OAuth 2.0による認可の流れTakeshi Mikami
 
SSIとDIDで何を解決したいのか?(β版)
SSIとDIDで何を解決したいのか?(β版)SSIとDIDで何を解決したいのか?(β版)
SSIとDIDで何を解決したいのか?(β版)Naohiro Fujie
 

What's hot (20)

How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
 
俺が考えた最強のID連携デザインパターン
俺が考えた最強のID連携デザインパターン俺が考えた最強のID連携デザインパターン
俺が考えた最強のID連携デザインパターン
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
 
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
 
OpenID Connect 4 SSI
OpenID Connect 4 SSIOpenID Connect 4 SSI
OpenID Connect 4 SSI
 
OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36
 
OIDC4VP for AB/C WG
OIDC4VP for AB/C WGOIDC4VP for AB/C WG
OIDC4VP for AB/C WG
 
2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について
2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について
2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について
 
パスワード氾濫時代のID管理とは? ~最新のOpenIDが目指すユーザー認証の効率的な強化~
パスワード氾濫時代のID管理とは? ~最新のOpenIDが目指すユーザー認証の効率的な強化~パスワード氾濫時代のID管理とは? ~最新のOpenIDが目指すユーザー認証の効率的な強化~
パスワード氾濫時代のID管理とは? ~最新のOpenIDが目指すユーザー認証の効率的な強化~
 
認証から見たリモート署名 ー利用認証と鍵認可ー
認証から見たリモート署名 ー利用認証と鍵認可ー認証から見たリモート署名 ー利用認証と鍵認可ー
認証から見たリモート署名 ー利用認証と鍵認可ー
 
安全なID連携のハウツー
安全なID連携のハウツー安全なID連携のハウツー
安全なID連携のハウツー
 
S13_レガシー ID 管理者でも分かる Verifiable Credentials のセッション [Microsoft Japan Digital D...
S13_レガシー ID 管理者でも分かる Verifiable Credentials のセッション [Microsoft Japan Digital D...S13_レガシー ID 管理者でも分かる Verifiable Credentials のセッション [Microsoft Japan Digital D...
S13_レガシー ID 管理者でも分かる Verifiable Credentials のセッション [Microsoft Japan Digital D...
 
OpenID Connect for W3C Verifiable Credential Objects
OpenID Connect for W3C Verifiable Credential ObjectsOpenID Connect for W3C Verifiable Credential Objects
OpenID Connect for W3C Verifiable Credential Objects
 
IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15
IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15
IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15
 
分散型IDと検証可能なアイデンティティ技術概要
分散型IDと検証可能なアイデンティティ技術概要分散型IDと検証可能なアイデンティティ技術概要
分散型IDと検証可能なアイデンティティ技術概要
 
Verifiable Credentials for Travel & Hospitality
Verifiable Credentials for Travel & HospitalityVerifiable Credentials for Travel & Hospitality
Verifiable Credentials for Travel & Hospitality
 
なぜOpenID Connectが必要となったのか、その歴史的背景
なぜOpenID Connectが必要となったのか、その歴史的背景なぜOpenID Connectが必要となったのか、その歴史的背景
なぜOpenID Connectが必要となったのか、その歴史的背景
 
FIDOのキホン
FIDOのキホンFIDOのキホン
FIDOのキホン
 
OAuth 2.0による認可の流れ
OAuth 2.0による認可の流れOAuth 2.0による認可の流れ
OAuth 2.0による認可の流れ
 
SSIとDIDで何を解決したいのか?(β版)
SSIとDIDで何を解決したいのか?(β版)SSIとDIDで何を解決したいのか?(β版)
SSIとDIDで何を解決したいのか?(β版)
 

Similar to Verifiable Credentials_Kristina_Identiverse2022_vFIN.pdf

Digital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For BanksDigital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For BanksEvernym
 
What is self-sovereign identity (SSI)?
What is self-sovereign identity (SSI)?What is self-sovereign identity (SSI)?
What is self-sovereign identity (SSI)?Evernym
 
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...apidays
 
Digital certificates
Digital certificates Digital certificates
Digital certificates Sheetal Verma
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt
 
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATIONCASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATIONPankaj Rane
 
Re-using existing PKIs for online Identity Management
Re-using existing PKIs for online Identity ManagementRe-using existing PKIs for online Identity Management
Re-using existing PKIs for online Identity ManagementMartijn Oostdijk
 
Money pad future wallet
Money pad future walletMoney pad future wallet
Money pad future walletrmangal
 
Money pad future wallet report
Money pad future wallet reportMoney pad future wallet report
Money pad future wallet reportrmangal
 
Money pad future wallet report
Money pad future wallet reportMoney pad future wallet report
Money pad future wallet reportrmangal
 
Electronic Payment Fundamentals: When Tech Embracing Payment Industry
Electronic Payment Fundamentals: When Tech Embracing Payment IndustryElectronic Payment Fundamentals: When Tech Embracing Payment Industry
Electronic Payment Fundamentals: When Tech Embracing Payment IndustryGoutama Bachtiar
 
The future of digital identity initial perspective
The future of digital identity initial perspectiveThe future of digital identity initial perspective
The future of digital identity initial perspectiveFuture Agenda
 
What is Digital Signature, Digital Signature FAQ - eMudhra
What is Digital Signature, Digital Signature FAQ - eMudhraWhat is Digital Signature, Digital Signature FAQ - eMudhra
What is Digital Signature, Digital Signature FAQ - eMudhraeMudhra dsc
 
Indjic fintech module 3
Indjic fintech module 3Indjic fintech module 3
Indjic fintech module 3Drago Indjic
 
R.Grassi - P.Sardo - One integration: every wat to pay
R.Grassi - P.Sardo - One integration: every wat to payR.Grassi - P.Sardo - One integration: every wat to pay
R.Grassi - P.Sardo - One integration: every wat to payMeet Magento Italy
 
Technologies for Self-Sovereign Identity
Technologies for Self-Sovereign IdentityTechnologies for Self-Sovereign Identity
Technologies for Self-Sovereign IdentityMarkus Sabadello
 
Digital signature & PKI Infrastructure
Digital signature & PKI InfrastructureDigital signature & PKI Infrastructure
Digital signature & PKI InfrastructureShubham Sharma
 
Presentation on digital signatures & digital certificates
Presentation on digital signatures & digital certificatesPresentation on digital signatures & digital certificates
Presentation on digital signatures & digital certificatesVivaka Nand
 

Similar to Verifiable Credentials_Kristina_Identiverse2022_vFIN.pdf (20)

Digital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For BanksDigital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For Banks
 
Digital signature
Digital signatureDigital signature
Digital signature
 
What is self-sovereign identity (SSI)?
What is self-sovereign identity (SSI)?What is self-sovereign identity (SSI)?
What is self-sovereign identity (SSI)?
 
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
 
Digital certificates
Digital certificates Digital certificates
Digital certificates
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
 
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATIONCASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
 
Re-using existing PKIs for online Identity Management
Re-using existing PKIs for online Identity ManagementRe-using existing PKIs for online Identity Management
Re-using existing PKIs for online Identity Management
 
Money pad future wallet
Money pad future walletMoney pad future wallet
Money pad future wallet
 
Money pad future wallet report
Money pad future wallet reportMoney pad future wallet report
Money pad future wallet report
 
Money pad future wallet report
Money pad future wallet reportMoney pad future wallet report
Money pad future wallet report
 
Digital Signature.pptx
Digital Signature.pptxDigital Signature.pptx
Digital Signature.pptx
 
Electronic Payment Fundamentals: When Tech Embracing Payment Industry
Electronic Payment Fundamentals: When Tech Embracing Payment IndustryElectronic Payment Fundamentals: When Tech Embracing Payment Industry
Electronic Payment Fundamentals: When Tech Embracing Payment Industry
 
The future of digital identity initial perspective
The future of digital identity initial perspectiveThe future of digital identity initial perspective
The future of digital identity initial perspective
 
What is Digital Signature, Digital Signature FAQ - eMudhra
What is Digital Signature, Digital Signature FAQ - eMudhraWhat is Digital Signature, Digital Signature FAQ - eMudhra
What is Digital Signature, Digital Signature FAQ - eMudhra
 
Indjic fintech module 3
Indjic fintech module 3Indjic fintech module 3
Indjic fintech module 3
 
R.Grassi - P.Sardo - One integration: every wat to pay
R.Grassi - P.Sardo - One integration: every wat to payR.Grassi - P.Sardo - One integration: every wat to pay
R.Grassi - P.Sardo - One integration: every wat to pay
 
Technologies for Self-Sovereign Identity
Technologies for Self-Sovereign IdentityTechnologies for Self-Sovereign Identity
Technologies for Self-Sovereign Identity
 
Digital signature & PKI Infrastructure
Digital signature & PKI InfrastructureDigital signature & PKI Infrastructure
Digital signature & PKI Infrastructure
 
Presentation on digital signatures & digital certificates
Presentation on digital signatures & digital certificatesPresentation on digital signatures & digital certificates
Presentation on digital signatures & digital certificates
 

Recently uploaded

VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Roomdivyansh0kumar0
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
Denver Web Design brochure for public viewing
Denver Web Design brochure for public viewingDenver Web Design brochure for public viewing
Denver Web Design brochure for public viewingbigorange77
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMgdsc13
 
Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...
Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...
Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...akbard9823
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on DeliveryCall Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Deliverybabeytanya
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsThierry TROUIN ☁
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled PersonComplet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Personfurqan222004
 
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一3sw2qly1
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts servicesonalikaur4
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 

Recently uploaded (20)

VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
Denver Web Design brochure for public viewing
Denver Web Design brochure for public viewingDenver Web Design brochure for public viewing
Denver Web Design brochure for public viewing
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...
Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...
Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on DeliveryCall Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled PersonComplet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Person
 
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 

Verifiable Credentials_Kristina_Identiverse2022_vFIN.pdf

  • 1. #identiverse Architecture & Standards What is a Verifiable Credential, and Why Does it Matter?
  • 3. #identiverse This talk is NOT about W3C Verifiable Credentials Data Model, JWT-VC,s JWT-VPs, LDP-VCs, LDP-VPs, etc. It’s about… (you’ll see)
  • 4. #identiverse How do we normally present Identity? (notice that it does not say “digital identity”)
  • 5. #identiverse Plastic Cards in a Physical Wallet Source: Unsplash
  • 6. #identiverse What is the emerging way to present Identity? (that we have been so excited about)
  • 7. #identiverse Digital Cards in a Digital Wallet + …and other things Caveat: digital wallets can also hold…
  • 8. #identiverse Let’s experience a digital wallet. (is it really that exciting?) Imagine when you checked into a hotel to attend Identiverse.
  • 9. #identiverse Issued to Me Physical Wallet Digital Card Cards are issued to me (owner of the wallet) 1. Physical wallet and emerging digital wallet +
  • 10. #identiverse Issued by the Authoritative Issuer Cards are issued by the authoritative issuer Plastic Card Digital Card 1. Physical wallet and emerging digital wallet +
  • 11. #identiverse Cards are Portable I can carry the cards with me (for example, in a wallet) Physical Wallet Digital Card 1. Physical wallet and emerging digital wallet +
  • 12. #identiverse Multi-Use of a Single Credential I can use the same card multiple times Physical Wallet Digital Card 1. Physical wallet and emerging digital wallet +
  • 13. #identiverse Combine Multiple Cards in One Transaction I can show multiple cards at the same time Physical Wallet Digital Card 1. Physical wallet and emerging digital wallet +
  • 14. #identiverse Issuer Might Not Know When and Where the Card is Used Issuer of the card might not know when and where I use the card Physical Wallet Digital Card 1. Physical wallet and emerging digital wallet
  • 15. #identiverse Similarity in the Experience and Features Issued to? Issued by? Portable? Multi-Use? Combining multiple cards? Issuer knows? Yes Yes me the authoritative issuer Might not Yes Physical Wallet Digital Card 1. Physical wallet and emerging digital wallet +
  • 16. #identiverse What are benefits of “Digital Cards”?
  • 17. #identiverse Use-Case: Digital Driving License* Everything is moving into the phone Reducing human error during verification Unlocking online Use- Cases * Same value propositions will apply to the other credentials such as University Graduation Credentials for example 1. Physical wallet and emerging digital wallet
  • 18. #identiverse How are “Digital Cards” different from the way we are used to presenting identity online?
  • 19. #identiverse Yes, Federated Sign-in * Each company has offerings in both Consumer and Enterprise spaces Consumer* Enterprise*
  • 20. #identiverse A new artifact introduced in the “Digital Cards” model* * Some “Digital Cards” use-cases do not require user signed artifact. Issuer-signed Card (what is issued) User Signature User-signed Card (what is presented, only in digital cards model) - Claims about the User - User Identifier - User’s Public Key Issuer Signature - Claims about the User - User Identifier Issuer Signature Not Bearer! Owned by a user who controls the private key tied to a public key. Claims inside can be about another user, if delegated
  • 21. #identiverse Not everything changes, but some important differences Issuer (Website) Verifier (Website) Holder (Digital Wallet) Federated Sign-in Digital Cards model Identity Provider (Issuer) Relying Party (Verifier) Issuer- signed Sign Issuer- signed Sign User-signed Sign User Agent
  • 22. #identiverse Issued to? Federated Sign-in Digital Card Cards are issued to me (owner of the wallet)* Issuer signed card is issued to the Relying Party (via the User Agent) *Issuer only has limited technical means to control at which verifier the user is going to use a digital credential. Not talking about delegation/guardianship scenarios here. 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet
  • 23. #identiverse Issued by? The authoritative issuer (Identity Provider)* Federated Sign-in Digital Card 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet * Ratio of the Issuers to the Verifiers varies, too.
  • 24. #identiverse Portable? (Identifier is what would allow Card portability) Globally unique identifier - not namespaced and is portable.* User identifier namespaced to the Identity Provider Federated Sign-in Digital Card * Depends whether the Verifier accepts non-namespaced identifier brought by the User. 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet
  • 25. #identiverse Multi-Use? Same card can be used multiple times* ID Token is one- time use Federated Sign-in Digital Card * Same Issuer-signed credential, different user signature per presentation 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet
  • 26. #identiverse Combining multiple cards from multiple issuers in one transaction? I can show multiple cards from multiple issuers in one transaction RP receives one ID Token from one IdP in one transaction* Federated Sign-in Digital Card * IdP can aggregate claims from multiple issuers, but authority of the original issuer is gone * Focus is on the deployed features of the Federated sign-in 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet
  • 27. #identiverse Issuer knows about my usage? Depends on the use-case whether Issuer of the card knows when and where I use the card* Issuer of the ID Token knows when and where I used it, always Federated Sign-in Digital Card 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet * Some use-cases require the Issuer knowing where the card is used.
  • 28. #identiverse Certain Differences -> can address different use-cases Issued to? me Relying Party Issued by? Authoritative Issuer Portable? (Identifier) Possible Within IdP Multi-Use? Yes One-Time Combining multiple cards? Yes Not used Issuer knows? Depends Yes Federated Sign-in Digital Card 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet
  • 29. #identiverse When are the use- cases enabled by the differences of “Digital Cards”?
  • 30. #identiverse Use-Case: Identity Governance Attribute-level Attestation 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet 3. Use-Cases when digital wallet is useful
  • 31. #identiverse Use-Case: Authentication at the Edge No Account Creation * * Need a verifier who is ok not to create an account
  • 32. #identiverse Use-Case: Supply Chain Scale across thousands of organizations + independent from the Issuer Availability + Ad-Hoc Trust* Possible 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet 3. Use-Cases when digital wallet is useful * When decision whether to trust a source of a request/response can be made when receiving that request/response (at a runtime)
  • 33. #identiverse Beyond Technical Integration: Legal Agreements, Compliance, etc. (not a new problem) Digital Cards model Issuer (Website) Verifier (Website) Holder (Digital Wallet) Legal agreement* Legal agreement* Legal agreement* Federated Sign-in Identity Provider (Issuer) Relying Party (Verifier) End- User Legal agreement 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet 3. Use-Cases when digital wallet is useful * Can be ad-hoc trust or a legal agreement.
  • 34. #identiverse Use-Case: Digital Driving License Public Perception 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet 3. Use-Cases when digital wallet is useful
  • 35. #identiverse Benefits of Digital Cards Public Perception Scale Cross- Organization Trust + independent from the Issuer Availability No Account Creation (e.g. Authentication at the Edge) Attribute-level Attestation 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet 3. Use-Cases when digital wallet is useful
  • 36. #identiverse Isn’t this talk about “Verifiable Credentials”?
  • 37. #identiverse Meet Verifiable Credentials The idea of Verifiable Credentials is to design components and mechanisms necessary to use “Digital Cards”. Multiple design choices possible.
  • 38. #identiverse Data-Models and Credential Formats of Verifiable Credentials * ISO/IEC 18013-5 mDL provided by Zetes Industries S.A. Verifiable Credentials W3C Verifiable Credentials Data Model JWT-VC LDP-VC AnonCreds mDL data model CBOR- encoded, COSE signed JSON- encoded, JSON signed* SMART Health Cards … …
  • 39. #identiverse Standards that enable Verifiable Credentials Component Standards Exchange Protocol OpenID for VC Issuance, OpenID for VPs Subject-Signed Authentication Self-Issued OpenID Provider v2 Credential Formats W3C JWT-VC, W3C LDP-VC, ISO mDL, IETF SD-JWT, etc.… Entity Identifier DID methods, Raw keys, X.509 certs, etc. Cryptography EdDSA, ES256K, etc. Revocation Status List 2021, Revocation List 2020, Accumulators, etc. Trust Frameworks Trusted Registries, Ledgers, etc.
  • 40. #identiverse How to find your peaceful spot for your use-case inside a Verifiable Credentials ecosystem? - Scope - Enterprise / Consumer / Government - Market - Established / Emerging - Use-Cases - High Assurance / Low Assurance - Identity of - Individual / Legal Entity / Machine Key Slide
  • 41. #identiverse Food for thought - Attestations to prove security of a digital wallet? - Usage of the Cloud components? - Will Verifiers request digital cards more often than needed? - Attributes of each user in one place – higher risk for hacking? - Maturity of the Trust Frameworks? … 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet 3. Use-Cases when digital wallet is useful 4. Verifiable Credentials: Pros and Cons
  • 42. #identiverse What we did not talk about - Revocation - Selective Disclosure - Refresh - Delegation / Guardianship use-cases - Unlinkability - (Web3 – digital cards are possible without blockchain/DLT) … 1. Physical wallet and emerging digital wallet 2. Federated sign-in and emerging digital wallet 3. Use-Cases when digital wallet is useful 4. Verifiable Credentials: Pros and Cons
  • 43. #identiverse Now that you know what verifiable credentials are good for… Where in a verifiable credentials ecosystem does your use-case belong to? What aspects need a deep-dive to realize your use-case?* * Business? Legal? Technical? Standards? else?
  • 44. #identiverse * Session may be called “Building Secure, Trusted and Interoperable Self-Sovereign Identity with OpenID Connect” in some parts of the Identiverse website. *
  • 45. #identiverse Yes, flexibility of verifiable credentials is both exciting and confusing.
  • 46. #identiverse But with a little bit of imagination your use-case will find a cool spot.
  • 48. #identiverse Some Real-life Examples mobile Driving Licence Vaccination QR Code
  • 49. #identiverse Why these two are moving forward? mobile Driving Licence Vaccination QR Code • One large Verifier – TSA • No usage of Advanced Cryptography for Selective Disclosure or Predicates • Not doing Holder Binding • Make choices across technical stack to ensure interoperability (e.g. exchange protocols, credential format, data model, crypto suites, etc.) • Finding a verifier that does not require account creation • Focus on the existing ecosystems Mutual to both