Definition

self-sovereign identity

Alexander S. Gillis

By

Alexander S. Gillis, Technical Writer and Editor

Published: Dec 29, 2022

What is self-sovereign identity?

Self-sovereign identity (SSI) is a model for managing digital identities in which individuals or businesses have sole ownership over the ability to control their accounts and personal data. Individuals with self-sovereign identity can store their data to their devices and provide it for verification and transactions without the need to rely upon a central repository of data. With self-sovereign identity, users have complete control over how their personal information is kept and used.

In all models of identity management, a digital identity requires identifiers that ensure users are who they say they are. With self-sovereign identity, however, identifiers do not need an intermediary. This means a user's self-sovereign identity can be registered to a claim, such as a block on a blockchain. The person can then share that identifying data when making a transaction, for example, with a bank.

With self-sovereign identity, users can enter an app on their phone where their identity data is stored, then use an identification number and identity information to verify who they are. Self-sovereign identity adds security and flexibility to users and enables them the ability to share data only when they choose.

Self-sovereign identity concepts

Self-sovereign identity is made up of claims, proofs and attestations:

A claim is an assertion of identity made by the user.
Proofs are the forms or documents that act as evidence for a claim. For example, a proof could be a passport or birth certificate.
An attestation, or validation, is when the other party validates the claim is true. Attestations can be stored in the user's device and are typically machine readable.

Pros and cons of self-sovereign identity

Some pros to using self-sovereign identity include the following:

It is more secure and prevents common attacks to personal data, such as breaches.
Data is more private.
Users have a higher control over their own data.
The process is more efficient.
Users do not have to rely on identity providers that may sell and monetize their data.

Cons of self-sovereign identity include the following:

Users are responsible for their own security.
Multiple identity platforms may be required, meaning users may have to use multiple apps.
Keeping track of personal data and permissions can be complex.
Certain data intermediaries may not be removable.
Proof data is normally unstructured and could be easily faked.

Continue Reading About self-sovereign identity

8 best practices for blockchain security

10 ways blockchain can improve IAM

5 IAM trends shaping the future of security

Blockchain for identity management: Implications to consider

Digital identity: Leveraging the SSI concept to build trust

Dig Deeper on Identity and access management

Search Networking

Arista buys VeloCloud from Broadcom
Arista fills a gap in its portfolio with VeloCloud's SD-WAN capabilities.
HPE's Mottram touts key Aruba Networking AI advancements
The infrastructure company is injecting AI throughout its business, including its networking arm, which will harness the power of...
3 pillars to enhance networks for agentic AI infrastructure
Agentic AI requires better network infrastructure to prevent wasted GPU capacity, built on three principles: simplified ...

Search CIO

Help desk vs. service desk: What's the difference?
Help desks deliver tactical, immediate technical support for specific issues, while service desks offer strategic, comprehensive ...
In an FTC antitrust win, Meta could face divestitures
The FTC argues that Meta acquired Instagram and WhatsApp to eliminate competition in social media networks. If the FTC wins its ...
Google settlement may affect DOJ antitrust remedies
Google faces numerous antitrust challenges and has agreed to spend $500 million revamping its regulatory compliance structure in ...

Search Enterprise Desktop

Comparing MSI vs. MSIX
While MSI was the preferred method for distributing enterprise applications for decades, the MSIX format promises to improve upon...
How to perform an in-place upgrade to Windows 11
While they have some disadvantages, in-place Windows upgrades can deliver a smooth transition between the OSes with minimal IT ...
How to set up Windows Hello for Business, step by step
Licensing for Windows Hello for Business is a simple process, but the setup involves making several decisions, including how to ...

Search Cloud Computing

Prioritize security from the edge to the cloud
Businesses can find security vulnerabilities when they push their workloads to the edge. Discover the pitfalls of cloud edge ...
6 edge monitoring best practices in the cloud
When it comes to application monitoring, edge workloads are outliers -- literally and metaphorically. Learn what sets them apart ...
Google Cloud, Cloudflare struck by widespread outages
Multiple companies investigated a widespread outage Thursday. Google Cloud later said it was due to a faulty API update and ...

ComputerWeekly.com

From the FBI to F&A: lessons learnt in safeguarding systems and data
One chief information security officer shares her experience of marshalling what she learned at the FBI for business security, ...
O2 boosts 4G, 5G network capacity
Ahead of the forthcoming holiday rush this summer, leading UK operator announces mobile upgrades in over 13,000 Scottish postcodes
Boost for European space sovereignty as Open Cosmos gets Connected
Open Cosmos acquires Portuguese startup Connected to offer affordable, standardised IoT services from space, with the firm ...

Close