Decentralized Identifiers: Personal Information and Claims, the easy guide
This is the third post on an educational series about Self-Sovereign Identity and Decentralized Identifiers.
IDs. It doesn’t matter if they are issued by the government, educational institutions or our working place, they are a part of our daily lives and are used to assert certain information about us, providing benefits when used in the physical world.
In our previous post we’ve introduced the concept of Decentralized Identifiers (DID): cryptographically secure, privacy respecting, and machine-verifiable identifications. These IDs can represent the same information that a physical credential represents but the added blockchain technology makes them more trustworthy.
So, what’s behind DIDs? What are its main components?
- Holder: an entity possessing one or more verifiable credentials and generating presentations from them. Like students, customers, and employees.
- Issuer: An entity creating a verifiable credential, associating it with a specific subject and transmitting it to a holder. Examples of these are corporations, governments or non-profit organizations.
- Subject: an entity that might have one or more verifiable credentials asserted about it. In many cases the holder of a verifiable credential is the subject, but not always.
- Verifier: an entity requesting and receiving a verifiable presentation that proves the holder possesses the required verifiable credentials with certain characteristics.
- Verifiable data registry: a system mediating the creation and verification of identifiers, keys, and other relevant data.
Once we have these concepts clear, we can move to the core data model, formed by personal information, claims, verifiable credentials and verifiable presentations. In this post we’ll talk about the first two points.
Personal data includes government-issued identifiers, shipping address and full names, among others, which can be easily used to determine, track and correlate an entity. This data is sensitive and susceptible to privacy violations, even the data that doesn’t seem personally identifiable can expose a lot of ourselves. For example, the combination of birthdate and a postal code can have a very powerful correlation and de-anonymizing capabilities.
Put it simple, a claim is a statement about a subject. Claims are expressed using subject — property — value relations.
The model shown above can be used to express a big variety of statements. For example, whether someone graduated from a particular university:
That is not all. Individual claims can be combined to express a graph of information about a subject. A graph is a network of information composed of subjects and their relationship to other subjects or data. The example below extends from the previous one and adds the claim that Pat knows Sam and that Sam is employed as a professor.
Simple, right? We’ll go a little deeper in the next post where we’ll discuss verifiable credentials and verifiable presentations. After all these concepts have been understood we can move on and explain what an Identity Hub is and how it can help us to keep our identity safe.