Self-Sovereign Identity (SSI): Comparison
Please note this is a comparison between Version 1 by Parul Agarwal and Version 3 by Dean Liu.

Self-sovereign identity (SSI), a new concept, is becoming more popular as a secure and reliable identity solution for users based on identity principles. SSI provides users with a way to control their personal information and consent for it to be used in various ways. In addition, the user’s identity details are stored in a decentralized manner, which helps to overcome the problems with digital identity solutions.

  • land registry
  • SSI compliance
  • identity principle

1. Introduction

A recent survey highlighted that 37% of employees in US firms reset their passwords more than 50 times each year and have been losing around 426 USD annually due to password glitches, in addition to the fact that this is affecting their efficacy at work [1]. Additionally, a world bank survey revealed that around 14% of the global population lacks proof of identity in any form [2][3][2,3]. Providing individuals with an identity and maintaining secure and reliable identity storage are major challenges. Compared with providing individuals with an identity, managing a secured and reliable identity is a far more significant challenge. In a recent incident, Cambridge Analytica leaked 87 million Facebook users’ PII details due to a security breach in the system of a third-party service provider [3]. There are many examples of data breaches due to the centralized nature of data recordings and the use of third-party service providers. Digital identities and their security are becoming more critical with the advancement and adaptation of online services.
The land registry system provides a way to transfer land ownership while protecting the rights of the people, which increases the trust among people. There are numerous loopholes in the current land registry system which pose risks for crimes such as land stealing or force land-grabs, resulting in most civil court cases. Most of these cases take months, years, or even decades to resolve since they go from local courts to the Supreme Court. Plus, majority of people in the country do not have the time and money they would need to spend on these cases [4][5][4,5].
The main problem with the current system is inadequately coordinated information across different government departments that are not coordinated adequately, making it easy for unscrupulous officials to modify official land records. Many fraud cases related to land titling are only detected locally, which means that a centralized system is insufficient in this case [6]. As a result, land records may be tampered with, and forged.
Verifying the identity of all participants in a transaction is essential to avoid fraud [7]. Current land registry systems have several shortcomings which can be avoided by utilizing blockchain technology [8]. A limitation in blockchain-based land registry systems is the lack of suitable identity solutions [9][10][11][9,10,11]. The use of a digital identity in blockchain-based land registry systems saves time, decreases the fraud risk, and reduces data loss [12]. The SSI concept fills this gap by providing a decentralized identity and giving individuals complete control over their identities and personal data [13].
Self-sovereign identity (SSI) is a next-generation identity management model that secures and manages reliable identity records [14]. The identity records are stored in a decentralized manner and provide users with control over their identity details [15]. In this way, SSI can handle the shortcomings of traditional identity solutions. Users of SSI solutions have full control over their personal identity information (PII), and give their consent for using the PII. Therefore, the issues with the centralized storage and identity theft can be resolved [16][17][16,17]. SSI is a new paradigm, and several researchers are working in this domain to review it and analyze its applications; however, the academic literature is still limited. Some of the related literature can be found in [15][18][19][20][15,18,19,20]. In [18], the authors explored the concept of self-sovereign identity and presented its challenges and opportunities in a rather informal way. However, in [15][19][20][21][15,19,20,21], the authors focused on the application of self-sovereign identity to explore how a self-sovereign identity system could be built and developed.
SSI was designed based on Christopher Allen’s ten identity principles. SSI solutions must adhere to the following principles: existence, control, access, transparency, persistence, portability, interoperability, consent, minimalization, and protection [22]. At present, several initiatives and government agencies are actively developing SSI solutions on the blockchain platform. Several blockchain-based SSI frameworks, such as Sovrin [1], uPort [23], Civic [24], Blockstack [25], Selfkey [26], and ShoCard [27], are available and are being used in various domains. A successful SSI solution needs to comply with all the SSI principles [19][28][19,28]. None of the existing self-sovereign identity frameworks fully comply with the SSI principles. There are several building blocks for the development of an SSI framework. These building blocks are also referred to as SSI components. To identify SSI components for the SSI framework in compliance with SSI principles.
The essential purpose of SSI for land registry is to provide people with IDs so that they may communicate with land management services. There are approximately one billion people who have no access to identifying themselves. SSI allows individuals to build a gradually more secured and trustworthy identity in place of a government-issued identification document by collecting certificates from reputable third parties, such as a land registry and financial institutions [29]. Even with the lack of legal documents, SSI can help the public to establish evidence of property ownership, such as a certified survey plan or a notarized declaration. The SSI’s credentials should not be limited to only the digital equivalent of the traditional paper-based certificate, but should also provide a framework for transforming data into credentials that administrative entities can trust. For example, a person can submit proof of ownership claims utilizing their verified location history using a mobile carrier’s location verification, transaction details and land registry certificates [30].
In the absence of land registries, SSI may directly connect people to land plots while also providing a means for recording property claims and related data to gain access to additional services such as banking, loans, and government benefits. SSI holders can use a verifiable claim to land ownership. Individuals could submit a digital title to seek financial aid or agricultural subsidies. A verifiable claim is a permanent document established by a government institution that acknowledges the rights of a property owner at a specific point in time. The provable verifiable claim will be kept, even if property certificates are lost or the owners relocate [31][32][31,32]

2. Self-Sovereign Identity (SSI)

SSI solutions allow users to gain control over their personal identities. Users will decide precisely what information they need to reveal about themselves, to whom, and in which contexts. Under the SSI model, no one can prohibit a person from exercising basic human rights, such as the right to be expression and privacy. Individuals do not need to retain their identities physically. They can choose any identity operator. The pre-requisite for SSI is that digital identities must be scalable and interoperable across different platforms. Therefore, individuals are free to choose the identity operator and switch from one operator to another [33][34][75,76]. While no clear definition of SSI exists so far, a set of requirements have been defined as the key principles needed to function as an SSI [22]. These principles can be regarded as a criterion to check the existing identity solution to comply with these principles.
  • Existence: Users have an independent existence and are not dependent on the details found in their digital identifiers.
  • Control: Users have full control their identities and be able to transform, update, refer and hide them. Users have full authority to disclose or choose privacy on their identity details.
  • Access: Individuals should have access to their data and should have the ability to be able to retrieve it when necessary.
  • Transparency: Systems and algorithms used to handle and run digital identities must be accessible and transparent. The public must be able to track the operation and maintenance of the system.
  • Persistence: The identity must be long-lived, and the individual’s identity must be preserved for as long as the individual wants.
  • Portability: Information and resources concerning identity must be transportable, and not owned by a single third party, even though they are trusted.
  • Interoperability: Identities are available for common use in all contexts instead of being limited to one siloed environment.
  • Consent: Individuals should give consent to use their identities. The data sharing by third parties must occur with the consent of the data subject.
  • Minimization: The disclosure of claims should be kept to a minimum and should only be disclosed when necessary to perform a task.
  • Protection: The individual‘s right to privacy must be protected at all costs, even though this would go against the identity providers’ interests.
These principles would benefit the users and form the basis of the SSI solution and need compliance to provide an SSI solution to the users [22]. None of the SSI solutions today comply with all these principles [35][77]. Several competing SSI solutions have emerged during the development process, adopting various ideas and using different blockchains [36][37][78,79]. In [38][80], the authors reviewed the available SSI solutions based on blockchain and discuss their implementations concerning the SSI principles. An analysis of the SSI concept’s potential and evaluation of blockchain-based SSI solutions, namely Sovrin, Multichain, Blockstack and uPort has been carried out [39][74]. Comparative analyses of uPort and Sovrin were performed by reference [40][81]. A detailed analysis of the ShoCard Sovrin, Civic and uPort was carried out. These systems use certain decentralization techniques based on the author’s criteria and principles, none of which complied with the SSI requirements [35][77]. However, it is still rare for SSI systems to be compared with the SSI design principles. Therefore, to fill this gap in the next section, the researchers compared the existing blockchain-based self-sovereign identity (BC-SSI) solution uPort, Sovrin, Civic and ShoCard on the principle of SSI to identify whether the existing BC-SSI solution complies with the SSI principles or not.

3. Comparison of Self-Sovereign Identity Solutions on the SSI Principle

There are several SSI solutions available based on the blockchain platform. In Othis section, only uPort, Civic, ShoCard, and Sovrin have been shortlisted for comparison because of their innovative SSI identity management approaches. These SSI solutions cover the broader landscape of BC-SSI solutions. The analysis for each selected SSI solution to comply with the SSI principles is shown in Table 1. First, the analysis with uPort, which is an identity and communication platform based on the Ethereum blockchain [23], was conducted. Second, the Sovrin Foundation has set out to standardize and implement the SSI architecture using blockchain so that anyone can issue and verify [1]. Third, Civic offers an SSI ecosystem to allow low-cost and reliable access to identity verification and customer know your customer (KYC) processes [24]. Finally, the ShoCard-based identity ecosystem provides authentication, an attestation to the credentials, and proper authentication [27].

4. Steps and Requirements for SSI Adoption

For adopting and standardizing any new technology, there are several guidelines and regulations prescribed by government agencies and autonomous institutions authorized for standardizing such technologies. There is a range of guidelines for developing a digital identity framework. Some of the sources are International Telecommunication Union (ITU) [41][82], Financial Action Task Force (FATF) [42][83], European Union [43][84] and the Open Identity Exchange (OIX) [44][85]. Although these guidelines were not exclusive to self-sovereign identity, they also refer to the SSI application. Identity systems may be classified into three groups, depending on the legislation’s origins that define liability. There are three types of identity structures [44][85]. The Digital Identity Level I scheme is the law applicable to all digital identity solutions. Tier II is a public law applicable only to certain jurisdictions. Tier III is a contract law that many businesses are complying with. The type of digital identity scheme, according to the OIX, is shown in Table 2.
Table 12. Digital identity scheme and governing laws as per OIX.
Source for Rules Regulating Liability General Law Identity-Specific Law RequirementsContract-Based Rules
Description
Level 1 2 3
1
Type of rule Public Law Public Law Private Law
Usefulness Everyone within the jurisdiction Persons in ID system jurisdiction covered by the statute Entities that adhere to the terms of the contract
Numerous steps are required to create a scalable, operational and autonomous SSI ecosystem. Such measures can differ based on the amount of government involvement. Table 3 shows the requirements for the governments to adopt the SSI model. Many governments allow users to use digital identities at the national level. In Estonia, the national ID card system offers access to all electronic facilities, such as banking, and is used by 98% of the population [45][86].
Table 23. Requirement for the adoption of SSI by governments.
S.No
Creating a trustworthy registry The government shall establish and manage the public register. If people want to use a blockchain network, they need to define who can join the network and who can not.
2 Build new digital wallets Certain government organizations have been granted the authority to trusted digital wallets providers.
3 Attractions of individuals The government would allow its citizens to register their digital IDs for government-based services to promote e-government services.
4 Development of DIDs The government would require one DID method and allow wallet providers to use it.
5 Identification of standards Recognition of decentralized identifiers and verifiable credentials must be adopted by world leaders such as ISO, ITU, IEEE or NIST.
6 Issuing of verifiable

credentials/certifications
The government will develop relevant systems and protocols for issuing digital ID documents (e.g., a digital passport).
7 Acceptance by service providers The authentication of SSI-compliant digital identities is more convenient for service providers because they can verify customers more easily, more effectively and with higher security levels.
The SSI approach would allow governments to issue digital IDs that can be used to access any digital services without significant infrastructure and additional obligations. Governments register identity records in blockchain and trust lists using a self-sovereignty strategy. The government will no longer have the responsibility of verifying to make sure that the certificates are valid. In the SSI system, the government only needs to issue digital certificates and register cryptographic proofs in certificates in a public and decentralized network, removing the government’s need to maintain additional infrastructure [46][47][87,88]. Individuals will have full control over the sharing of data. The government does not need to validate and authorize digital credentials issued by government agencies explicitly.
Video Production Service