Organizational Wallet
Thursday 19H
Convener: Chris Buchanan (MITRE)
Notes-taker(s): Neil Thomson (QueryVision)
Tags for the session - technology discussed/ideas considered: Guardianship / Organization / Dependent Wallets
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
Organizations are another form of dependent identity. Solving for dependent identity is necessary for the transition from federation to decentralization. MITRE is working on the model for organizational wallets with the intent to transition that capability to government sponsors, and would like the SSI community's input on the solution.
Key conclusions of MITRE’s research to date:
- Organization/Individual delegation responsibility and relationships (vs. talking about wallets).
- Need a framework for delegation.
- No definition of a Decentralized Identity, which is clearly NOT self-sovereign.
- What other identities are not "self"-sovereign?
<Chris Buchanan to provide link to presentation>
Responsible for the DID from the perspective of how you appear online
Organizational wallet work on hold (due to COVID-19)
Dependent identity (e.g. an incompetent individual, a child)
Government agencies inherit authority from the government
Looked at the difference between inherent and inherited authority; in reality the distinction does not actually exist
MITRE cannot get rid of Active Directory, because the organization cannot be in charge of itself, so it cannot be its own self-sovereign identity
So that was a driving use case for an organizational wallet
Problem 2 - For a dependent person, where does the authority to self-identify come from? An organization is like a dependent
Problem 3 - actuation (see slide 2)
Differential Analysis
- [Dependent] wallet and agent blur
An Independent entity has to prove it has authority over a Dependent Identity, and in which scope.
Starts to look like the Active Directory model
Assumptions
- A dependent identity doesn't appear out of nowhere (e.g. a child); an Independent creates the Dependent
- The Dependent chain of delegation is traceable to an Independent Identity
- Dependent actions/operations must be traceable to the related Independent [authority] source
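The assumptions above (an Independent creates the Dependent, the chain of delegation is traceable to an Independent identity, and a Dependent's actions must be traceable to that source) can be checked mechanically. The Go program below is an added example, not code from the session or from MITRE's organizational wallet work. It models each delegation link as an Ed25519-signed grant of scopes from an Independent (or an already-delegated Dependent) to a Dependent, and a verifier that accepts an action only if it can walk signed, in-scope links back to the one root it trusts. The identity names (taken from the DMV example discussed later in the session), the scope strings and the "delegation|..." signing format are assumptions for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"sort"
	"strings"
)

// Identity is an Ed25519 key pair with a label; every name used below is assumed for the example.
type Identity struct {
	ID   string
	pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewIdentity(id string) *Identity {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Identity{ID: id, pub: pub, priv: priv}
}

// Delegation is one link in the chain: Issuer grants Subject the listed scopes and signs the grant.
type Delegation struct {
	Issuer, Subject string
	Scopes          []string
	Sig             []byte
}

// delegationBytes is the signed form of a link; scopes are sorted so the bytes are canonical.
func delegationBytes(issuer, subject string, scopes []string) []byte {
	s := append([]string(nil), scopes...)
	sort.Strings(s)
	return []byte("delegation|" + issuer + "|" + subject + "|" + strings.Join(s, ","))
}

func (iss *Identity) Delegate(subject string, scopes ...string) Delegation {
	return Delegation{iss.ID, subject, scopes, ed25519.Sign(iss.priv, delegationBytes(iss.ID, subject, scopes))}
}

func inScope(scopes []string, action string) bool { // scope names contain no commas
	return strings.Contains(","+strings.Join(scopes, ",")+",", ","+action+",")
}

// Registry is the verifier's view: the trusted Independent root, known public keys, and presented links.
type Registry struct {
	root  string
	keys  map[string]ed25519.PublicKey
	links []Delegation
}

// Authorize walks links from actor back to the Independent root. Every link must carry a valid
// issuer signature and include the action in its scope, so a Dependent can never exceed its delegator.
func (r *Registry) Authorize(actor, action string) []string {
	return r.trace(actor, action, map[string]bool{})
}

func (r *Registry) trace(subject, action string, seen map[string]bool) []string {
	if subject == r.root {
		return []string{subject}
	}
	if seen[subject] {
		return nil // cycle, or a branch already shown to have no route to the root
	}
	seen[subject] = true
	for _, d := range r.links {
		pub, ok := r.keys[d.Issuer]
		if d.Subject != subject || !inScope(d.Scopes, action) || !ok ||
			!ed25519.Verify(pub, delegationBytes(d.Issuer, d.Subject, d.Scopes), d.Sig) {
			continue // wrong subject, action out of scope, unknown issuer, or forged signature
		}
		if chain := r.trace(d.Issuer, action, seen); chain != nil {
			return append(chain, subject)
		}
	}
	return nil
}

// Scenario is a constructed sample: State (Independent) -> DMV -> Sally. The DMV also over-delegates
// "issue-passport", which the State never granted, and an outsider presents a forged "DMV" link.
func Scenario() *Registry {
	state, dmv, sally, outsider := NewIdentity("State of Virginia"), NewIdentity("DMV"), NewIdentity("Sally"), NewIdentity("Outsider")
	r := &Registry{root: state.ID, keys: map[string]ed25519.PublicKey{}}
	for _, id := range []*Identity{state, dmv, sally, outsider} {
		r.keys[id.ID] = id.pub // the verifier learns public keys out of band (e.g. a DID document)
	}
	r.links = append(r.links,
		state.Delegate("DMV", "issue-license", "revoke-license"),
		dmv.Delegate("Sally", "issue-license", "issue-passport"),
		Delegation{"DMV", "Outsider", []string{"issue-license"}, ed25519.Sign(outsider.priv, delegationBytes("DMV", "Outsider", []string{"issue-license"}))})
	return r
}

func main() {
	fmt.Println(Scenario().Authorize("Sally", "issue-license")) // [State of Virginia DMV Sally]
}
```

Two points of the model show up directly in the checks. The scope test is applied at every link, not just the last one, which is what stops the DMV from granting Sally "issue-passport" when the State never granted it to the DMV. The forged "DMV" link is rejected because the verifier checks the signature against the DMV key it already holds, so an Outsider cannot manufacture its own genesis. The `seen` map is the caveat a practitioner would add: two Dependents delegating to each other with no root would otherwise send the walk into an infinite loop. Quorum signing and the custody cases mentioned later in the session are not modelled here.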
Model of Genesis
- starts with a human interacting with software (responsible agent(s))
- DMV inherits from the Governor's office
Responsible agent - people with fiduciary responsibility over the dependent (advocate)
Additional Ecosystem Roles required
- Trusted Agent (e.g. NIST SP 800-63A)
- (Access) Role Manager (e.g. AWS Identity and Access Management)
Darrel: CIOs do not want to hand over control to an SSI system. CIOs will now get a locus of control they did not have, but should have had. When I sign off on SSI for the organization, organizations will want traceability, where SSI permits non-traceability.
Actual privacy will change, in a different way: you will not be unknown. Governments will be able to pierce the anonymity.
Chris: defining the specifications/behavior of the Trust Agent and Role Manager - which mentally maps to the AWS IAM
Paul: One wallet for the whole organization (including individuals)? Is this there to verify relationships?
Chris: Organization has a wallet, but individuals have individual wallets. Organization will allocate credentials to the individual wallets
Paul: Pan-Canadian Identity model in Canada. Org representative's ability to act on behalf of the organization (wallet) - someone with "signing authority". Delegated to present organization credentials? And act on behalf of the organization (in a role).
Chris:
- DMV model with license issuance. The individual wants the state of Virginia to "sign" the license, not the person behind the counter: direct signatures from the state. Sally has a credential to ask the organizational wallet to sign the license (issue the credential) for the driver
- If you are an officer within the DMV, is it you (in that role) who generates the credential directly, vs. via the organizational wallet?
Paul: Governance - Business registry has authority to issue and verify credentials.
Chris: Not talking about just an agent or wallet, but a combined entity
Paul: organization does need the ability to delegate authority
Chris: Drummond Reed and I have talked about this combined function (needs a new role/name) - it's really an organizational identity system
Chris: recognize that we need use cases and interaction diagrams. Will clarify the distinction
Richard: ARES, Glossary E covers some of these issues. Some wallets follow the model of being a bucket of credentials. Others split up the accountability across multiple individuals, where the individuals have a wallet but not the organization, or a hybrid
Chris - we are using a hybrid - both Org/Individual wallets with delegated relationships.
Will Groah: Where is this going? See this merging with Marla Ozarowski (on Grants Management)
Chris: working with the State of Maryland - use case: licensing of charities. Transition path: do a reference implementation within the State. It's a complex system (not just state and charity)
Will: Grant Management/Org wallet overlap, will converge? Both have mutual problems to solve (even)
Margo: Glossary session on working definitions (later today). Vocabulary is needed to differentiate these terms. How could an organization communicate roles/permissions to other organizations, on how external organizations work with it?
Chris: Current use case does not involve working with other SSI systems. How do we move away from federated identity? To do so you need an organization "wallet/agent". Otherwise you are in limbo (neither federated nor decentralized)
Margo: Transition will be difficult (my house, my rules) from Federated to decentralized. Don't want to share need to know information outside the organization
Chris: lots of people thinking about it. Competing ideas/implementations. Happy to contribute a base for a reference architecture.
Paul: How would the model work for individuals who are representatives of multiple organizations (PAD or insurance agent)? Combined wallet or wallet per organization?
Chris: Wallet could handle credentials from multiple organizations. Charities must [have an] agent to collect funds. With a non-trivial set of interactions (multiple organization and individual wallets/agents). Lots of inter-credentialling. State <-> Charity <-> Agent (and back to State)
Paul: PAD (Patent Agent) example - rep for 10 companies. Need credentials for each company. Wallet for each, or wallet with sub-wallets.
Chris: one app on the phone. Credential is an independent item that can be presented from a single wallet.
Chris: Identity is transactional within a context, e.g. if you are being asked for a verifiable presentation. The Patent Office has to specify that corporations issue a specific Patent Office credential to the PA.
Paul: so could have different "folders"/containers for each company credential set that you represent. The service says here is the type of credential, which the wallet presents, and the individual picks which instance of the credential to present
What will make sense to the business user (the human agent)
Chris: not much demand for this from a UX standpoint (back end). For the human selecting in the wallet, this is a simple selection process. Implementation issue for the wallet. MITRE is in the business of the back end reference architecture
Chris: want to have organizational signatures. Dependent (corp or child). When using the identity in a transaction, you want it to actually be the dependent entity's signature. Have role-based access control to make that happen (acting on behalf of the dependent for the dependent to "sign"). Could be via a quorum mechanism. Family custody may dictate several appointed family members (e.g. parents die, godparent authenticated to act). Don't want to limit the wallet functionality, but cover the 6 key functions outlined in the presentation
The key piece is the Genesis of the Dependent/Independent roles/permissions.
Such as a vehicle, where the owner can delegate to the mechanic to do certain operations on the vehicle (which is the dependent)
Chris: How we deal with dependent/independent relationships in a corporate setting is the key aspect.