What is SSI? (“How to avoid unconscious contractions”)

From: Self-Sovereign Identity Personal Data Usage Licensing (SSI-PDUL) Model: Solution Concept  whitepaper

Self-Sovereign Identity, as a standalone phrase or as an acronym (SSI), is a very confusing, overloaded, ambiguous term whose use should be avoided in all situations[1]. In a conversation, a blog post, an article, or a standards document, it could mean any of the uncontracted terms in the following figure.


[1] The most recent example of SSI confusion is the Principles of SSI document published by the Sovrin Foundation (https://sovrin.org/principles-of-ssi/). The document makes no attempt to define SSI nor state what SSI is intended to be an acronym for. Principles of SSI has resulted in a lot of confudsion (https://hyperonomy.com/2018/12/18/definition-confuding/) in the decentralized identifier communities as different working groups try to apply the Principles in new domains without first discerning: a) precisely which definition/application of SSI should be used and b) the types or categories of principles being represented in the document. Without first having a clear and precise definition for (a), successfully achieving (b) is almost impossible.

Figure 1. SSI: Unconscious Contractions

The term Self-Sovereign Identity (or its acronym SSI) could refer to any or all of the uncontracted terms in the above figure – unless an author has taken great care to be clear and precise with respect to every occurrence/usage of the term and/or its acronym.

What is Self-Sovereign Identity (SSI)? …really

To understand, in plain English, what a Self-Sovereign Identity (SSI) is, one must first recognize that “Self-Sovereign” is an adjective applied to the noun “Identity”. The TDW Glossary derivation of Self- Sovereign Identity is depicted in the model below.

Figure 2. TDW Glossary: Digital Identity Neighborhood

Narration

  1. Decentralized Identity is derived from (or is a specialization of) the term Digital Identity.
  2. Self-Sovereign Identity, in turn, is derived from (or is a specialization of) the term Decentralized Identity.
  3. In addition, Anonymous Self-Sovereign Identity and Non-anonymous Self-Sovereign Identity are derived from (or are a specialization of) the term Self-Sovereign Identity.

Key Definitions

Digital Identity

A Digital Identity aggregates:

  1. A Digital Identifier, and
  2. Associated Digital Identity Data.

Decentralized Identity

A Decentralized Identity is a Digital Identity that is Verifiable.

A Decentralized Identity is often persisted in a Verifiable Data Register.

Self-Sovereign Identity

A Self-Sovereign Identity is a Digital Identity whose Digital Identity Owner has the right to exclusively and permanently exert control over the usage of one or more associated Personal Digital Identifiers and, independently, the usage of any associated Personal Identity Data associated with each Personal Digital Identifier.

Because a Self-Sovereign Identity is a specialization of Decentralized Identity, a Self-Sovereign Identity is also Verifiable.

Digital Identity Owner

A Digital Identity Owner is an entity that may be held legally accountable. Digital Identity Owners includes Persons and Organizations but does not include Things. The actual legal accountability of an Identity Owner for any particular action depends on many contextual factors including the laws of the applicable jurisdiction, etc. [Sovrin Glossary]

Anonymous Self-Sovereign Identity

An Anonymous Self-Sovereign Identity is a Self-Sovereign Identity whose Personal Digital Identifier is associated with (or governed by) an Anonymous Digital Identifier Method.

Non-anonymous Self-Sovereign Identity

A Non-anonymous Self-Sovereign Identity is a Self-Sovereign Identity whose Personal Digital Identifier is associated with (or governed by) a Non-anonymous Digital Identifier Method.

Personal Digital Identifiers

A Personal Digital Identifiers is a Digital Identifier associated with a Person as the Subject of the identifier.

Personal Digital Data

Personal Digital Data is Digital Identity Data associated with a Personal Digital Identifier; and hence, a Person as the subject of the identifier.

Anonymous Digital Identifier Method

An Anonymous Digital Identifier Method is a Digital Identifier Method designed to guarantee anonymity and privacy for the Subject of a conforming Digital Identifier.

Non-anonymous Digital Identifier Method

A Non-anonymous Digital Identifier Method is a Digital Identifier Method that does not guarantee anonymity nor privacy for the Subject of a conforming Digital Identifier.

Self-Sovereign Identity Model (SSI Model)

The next most commonly (and generically) used term is Self-Sovereign Identity Model (SSI Model).

The Self-Sovereign Identity Model (SSI Model) is an identity system architecture based on the core principle that Identity Owners have the right to permanently exert control over the usage of one or more of their Personal Digital Identifiers and, independently, the usage of any associated Personal Identity Data. [inspired by the Sovrin Glossary]

2 Comments

February 1, 2021 · 1:04 pm

2 responses to “What is SSI? (“How to avoid unconscious contractions”)

  1. Tayken

    I’m not sure I agree that SSI should be avoided in ALL situations, but do agree that “unconscious contractions” often create more harm than good. My sense is that it’s stories/narratives that are missing from the equation. To follow “to understand, in plain English” with a complex model (figure 2) is equally problematic if broad accessibility is the goal. Thanks for this and excited to continue pushing and prodding, always forward 🙂

    Like

    • Thank you for the feedback. I will be adding a simple user scenario following the definition of Self-Sovereign Identity to help make the article appeal to a broader audience. Thank you again, Michael

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s