Definition

self-sovereign identity

Alexander S. Gillis

By

Alexander S. Gillis, Technical Writer and Editor

What is self-sovereign identity?

Self-sovereign identity (SSI) is a model for managing digital identities in which individuals or businesses have sole ownership over the ability to control their accounts and personal data. Individuals with self-sovereign identity can store their data to their devices and provide it for verification and transactions without the need to rely upon a central repository of data. With self-sovereign identity, users have complete control over how their personal information is kept and used.

In all models of identity management, a digital identity requires identifiers that ensure users are who they say they are. With self-sovereign identity, however, identifiers do not need an intermediary. This means a user's self-sovereign identity can be registered to a claim, such as a block on a blockchain. The person can then share that identifying data when making a transaction, for example, with a bank.

With self-sovereign identity, users can enter an app on their phone where their identity data is stored, then use an identification number and identity information to verify who they are. Self-sovereign identity adds security and flexibility to users and enables them the ability to share data only when they choose.

Self-sovereign identity concepts

Self-sovereign identity is made up of claims, proofs and attestations:

A claim is an assertion of identity made by the user.
Proofs are the forms or documents that act as evidence for a claim. For example, a proof could be a passport or birth certificate.
An attestation, or validation, is when the other party validates the claim is true. Attestations can be stored in the user's device and are typically machine readable.

Pros and cons of self-sovereign identity

Some pros to using self-sovereign identity include the following:

It is more secure and prevents common attacks to personal data, such as breaches.
Data is more private.
Users have a higher control over their own data.
The process is more efficient.
Users do not have to rely on identity providers that may sell and monetize their data.

Cons of self-sovereign identity include the following:

Users are responsible for their own security.
Multiple identity platforms may be required, meaning users may have to use multiple apps.
Keeping track of personal data and permissions can be complex.
Certain data intermediaries may not be removable.
Proof data is normally unstructured and could be easily faked.

This was last updated in December 2022

Continue Reading About self-sovereign identity

8 best practices for blockchain security

10 ways blockchain can improve IAM

5 IAM trends shaping the future of security

Blockchain for identity management: Implications to consider

Digital identity: Leveraging the SSI concept to build trust

Dig Deeper on Identity and access management

Networking

Cut through 5G hype with the latest insights
Network complexity has made 5G difficult for telecom providers to enable, which has delayed global development. These insights ...
Hybrid work drives changes to on-premises networks
Remote and hybrid work are forcing changes to on-premises networks, such as increased bandwidth, upgraded Wi-Fi connectivity and ...
How enterprises can migrate from IPv4 to IPv6
Both IPv4 and IPv6 are suitable for enterprise networks, but organizations that want to switch over to the latest IP address ...

CIO

U.S. government shutdown would crush CHIPS Act momentum
A U.S. government shutdown would significantly impact implementation of the CHIPS and Science Act of 2022 as federal workers ...
6 alternatives to blockchain for businesses to consider
Technologies like cloud storage and distributed databases provide some of blockchain's data-integrity and reliability advantages ...
Why cloud governance is shifting to business stakeholders
Balancing value creation with innovation is a constant challenge for organizations. Here's what to consider when evaluating the ...

Enterprise Desktop

Intel promotes new computing era with AI PC
Intel says its upcoming Core Ultra will help lead personal computing to the AI PC era by making AI processing a mainstream task ...
4 ways that I use generative AI as an analyst
Many use cases for generative AI involve projecting to the future and aren't currently easy to use. However, these four use cases...
How to handle rugged device management in the enterprise
Certain endpoint use cases require ruggedization to ensure devices aren't physically compromised. IT still needs to manage these ...

Cloud Computing

3 rules to avoid high multi-cloud integration costs
When using multiple cloud providers, integration costs can grow quickly. To prevent billing surprises, enterprises must carefully...
Oracle databases in OCI now run on Microsoft Azure
A new partnership between two enterprise technology giants adds Oracle's hardware and software for Microsoft Azure customers, as ...
On-premises data centers play key role in distributed clouds
Enterprise Strategy Group's Scott Sinclair shares survey results on the benefits and challenges of managing distributed clouds. ...

ComputerWeekly.com

Cisco snaps up Splunk in $28bn application observability deal
The acquisition builds out Cisco’s observability portfolio, with AI-based full-stack observability for hybrid cloud environments
‘Top’ ransomware gangs favour smaller businesses
Despite high-profile attacks on prominent organisations, the world’s most prolific ransomware operations tend to target smaller ...
Poor digital experience a blocker for cyber resilience
Organisations that neglect the digital employee experience are not only vulnerable to employee attrition, but putting themselves ...

Close