Organizational Wallet

From IIW



Thursday 19H

Convener: Chris Buchanan (MITRE)

Notes-taker(s): Neil Thomson (QueryVision)

Tags for the session - technology discussed/ideas considered: Guardianship / Organization / Dependent Wallets

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:


Organizations are another form of dependent identity. Solving for dependent identity is necessary for the transition from federation to decentralization. MITRE is working on the model for organizational wallets with the intent to transition that capability to government sponsors and would like the SSI community’s input on the solution.

Key conclusions of MITRE’s research to date:

  • Organization/Individual delegation responsibility and relationships (vs. talking about wallets).
  • Need a framework for delegation.
  • No definition of a Decentralized Identity, which is clearly NOT self-sovereign.
  • What other identities are not “self”-sovereign?

<Chris Buchanan to provide link to presentation>

Session slides (images): IIW30 TH 19H Organizational Wallet, slides 1 of 9 through 9 of 9

Responsible for DID from the perspective on how you appear online

Organizational wallet work on hold due to identity (due to COVID-19)

Dependent identity - (incompetent individual - child)

Government Agencies inherit authority from the government

Looked at the difference between inherent and inherited authority; in reality the distinction does not actually exist

MITRE cannot get rid of Active Directory, because the organization cannot be in charge of itself - so it cannot be a self-sovereign identity for itself

So that was a driving use case for an organizational wallet

Problem 2 - For a dependent person, where does the authority to self-identify come from? An organization is like a dependent

Problem 3 - actuation - (see slide 2)

Differential Analysis

[Dependent] wallet and agent blur

An Independent entity has to prove it has authority over a Dependent Identity, and in which scope.

Starts to look like the Active Directory model

Assumptions

  • A dependent identity doesn't appear out of nowhere (child). The Independent creates the dependent
  • The Dependent chain of delegation is traceable to an Independent Identity
  • Dependent actions/operations must be traceable to the related Independent [authority] source
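The three assumptions above, plus the earlier point that an Independent entity must prove authority over a Dependent identity and in which scope, describe a chain-of-authority check. The following is an added illustration written for these notes (not MITRE's code, not from the session slides): a small verifier that walks a delegation chain from an Independent root to the acting Dependent, confirms each link is signed by its delegator, refuses scope escalation, and returns the trail of identities an auditor would use to trace an action back to its authority source. The DIDs, keys and operation names are constructed; HMAC-SHA256 with a per-identity secret stands in for the DID-bound asymmetric signatures a real wallet/agent would use.

```python
"""Delegation-chain verifier: an added illustration of the Independent -> Dependent
authority model, not code from MITRE or the IIW session."""
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, List, Sequence, Tuple

# Constructed sample keys (placeholders). A production system would hold
# asymmetric keys bound to each DID; HMAC is only a stand-in for "signed by".
KEYS: Dict[str, bytes] = {
    "did:example:state-va": b"constructed-key-state",
    "did:example:dmv": b"constructed-key-dmv",
    "did:example:sally": b"constructed-key-sally",
}

# Registry of Independent identities. Assumption 2: every valid chain must
# start at one of these, since a dependent cannot appear out of nowhere.
INDEPENDENT_REGISTRY = frozenset({"did:example:state-va"})


@dataclass(frozen=True)
class Delegation:
    delegator: str            # identity granting authority
    delegatee: str            # dependent identity receiving it
    scope: FrozenSet[str]     # operations the delegatee may perform
    signature: bytes          # delegator's signature over the link


def _canonical(delegator: str, delegatee: str, scope: Iterable[str]) -> bytes:
    """Deterministic byte encoding of a link so signer and verifier agree."""
    payload = {"delegator": delegator, "delegatee": delegatee, "scope": sorted(scope)}
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def sign_delegation(delegator: str, delegatee: str, scope: Iterable[str]) -> Delegation:
    """The Independent (or an already-authorized dependent) signs a link."""
    scope = frozenset(scope)
    sig = hmac.new(KEYS[delegator], _canonical(delegator, delegatee, scope), hashlib.sha256).digest()
    return Delegation(delegator, delegatee, scope, sig)


def verify_chain(chain: Sequence[Delegation], actor: str, operation: str) -> Tuple[bool, str]:
    """Check that `actor` may perform `operation` under this chain.

    Enforces: root is Independent; links connect delegator->delegatee; every
    signature verifies; scope never widens down the chain; the final delegatee
    is the actor; the operation is inside the narrowest scope.
    """
    if not chain:
        return False, "empty chain"
    if chain[0].delegator not in INDEPENDENT_REGISTRY:
        return False, "root is not an Independent identity"
    allowed: FrozenSet[str] = frozenset()
    prev = chain[0].delegator
    for i, link in enumerate(chain):
        if link.delegator != prev:
            return False, f"broken link at position {i}"
        key = KEYS.get(link.delegator)
        if key is None:
            return False, f"unknown signer {link.delegator}"
        expected = hmac.new(key, _canonical(link.delegator, link.delegatee, link.scope), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, link.signature):
            return False, f"bad signature at position {i}"
        if i > 0 and not link.scope <= allowed:
            return False, f"scope escalation at {link.delegatee}"
        allowed = link.scope
        prev = link.delegatee
    if prev != actor:
        return False, "actor is not the final delegatee"
    if operation not in allowed:
        return False, "operation outside delegated scope"
    return True, "ok"


def trace_authority(chain: Sequence[Delegation]) -> List[str]:
    """Assumption 3: the audit trail from the Independent root to the actor."""
    return [chain[0].delegator] + [link.delegatee for link in chain]


if __name__ == "__main__":
    # State of Virginia -> DMV -> Sally (the DMV officer who issues a licence)
    chain = [
        sign_delegation("did:example:state-va", "did:example:dmv", {"issue_license", "revoke_license"}),
        sign_delegation("did:example:dmv", "did:example:sally", {"issue_license"}),
    ]
    print(verify_chain(chain, "did:example:sally", "issue_license"))   # (True, 'ok')
    print(verify_chain(chain, "did:example:sally", "revoke_license"))  # scope refused
    print(" -> ".join(trace_authority(chain)))
```

The scope check is what turns "the organization has a wallet" into a usable control: the DMV can only hand Sally a subset of what the state handed the DMV, and any presentation Sally makes carries a trail back to the state, which is the traceability Darrel asks for below.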

Model of Genesis

  • Starts with a human interacting with software (responsible agent(s))
  • The DMV inherits from the Governor's office

Responsible agent - people with fiduciary responsibility over the dependent (advocate)

Additional Ecosystem Roles required

  • Trusted Agent (e.g. NIST SP 800-63A)
  • Role Manager (e.g. AWS Identity and Access Management)

Darrel: CIOs do not want to hand over control to SSI system. CIOs will now get locus of control they did not have, but should have had. When I sign off on SSI for the organization. Organizations will want traceability, where SSI permits non-traceable.

Actual privacy will change - in a different way - you will not be unknown. Governments will be able to pierce the anonymity.

Chris: defining the specifications/behavior of the Trust Agent and Role Manager - which mentally maps to the AWS IAM

Paul: One wallet for the whole organization (including individuals)? is this there to verify relationships?

Chris: Organization has a wallet, but individuals have individual wallets. Organization will allocate credentials to the individual wallets

Paul: Pan-Canadian Identity model in Canada. Org representative ability to act on behalf of the organization (wallet) - someone with "signing authority". Delegated to present organization credentials? and act on behalf of the organization (in a role)

Chris:

DMV model with license issue. The individual wants the state of Virginia to "sign" the license, not the person behind the counter. Direct signatures from the state. Sally has a credential to ask the organizational wallet to sign the license (issue the credential) for the driver
If you are an officer within the DMV, is it you (in that role) who generates the credential directly vs. via the organizational wallet

Paul: Governance - Business registry has authority to issue and verify credentials.

Chris: Not talking about just an agent or wallet, but a combined entity

Paul: organization does need the ability to delegate authority

Chris: Drummond Reed and I have talked about this combined function (needs a new role/name) - it's really an organizational identity system

Chris: recognize that we need use cases and interaction diagrams. Will clarify the distinction

Richard: ARES, Glossary E covers some of these issues. Some wallets follow the model of being a bucket of credentials. Others split up the accountability across multiple individuals, where the individuals have a wallet but not the organization, or a hybrid

Chris - we are using a hybrid - both Org/Individual wallets with delegated relationships.

Will Groah: Where is this going? See this merging with Marla Ozarowski on Grants Management

Chris: working with State of Maryland - use case licensing of charities. Transition path do a reference implementation within the State. It's a complex system (not just state and charity)

Will: Grant Management/Org wallet overlap, will converge? Both have mutual problems to solve (even)

Margo: Glossary session on working definitions (later today). Vocabulary needed to differentiate these terms. How could an organization communicate roles/permissions to other organizations on how external organizations work with it.

Chris: Current use case does not involve working with other SSI systems. How do we move away from federated identity? To do so you need an organization "wallet/agent". Otherwise you are in limbo (neither federated nor decentralized)

Margo: Transition will be difficult (my house, my rules) from Federated to decentralized. Don't want to share need to know information outside the organization

Chris: lots of people thinking about it. Competing ideas/implementations. Happy to contribute a base for a reference architecture.

Paul: How would the model work for individuals who are representatives of multiple organizations (PAD or insurance agent)? Combined wallet or wallet per organization.

Chris: Wallet could handle credentials from multiple organizations. Charities must agent to collect funds. With non-trivial set of interactions (multiple organization and individual wallets/agents). Lots of inter-credentialling. State <-> Charity <-> Agent (and back to State)

Paul: PAD (Patent Agent) agent example - rep for 10 companies. Need credentials for each company. Wallet for each or Wallet with sub-wallets.

Chris: one app on the phone. Credential is an independent item that can be presented from a single wallet.

Chris: Identity is transactional within a context. If you are being asked for verifiable presentation. The Patent office has to spec that corporations issue a specific patent office credential to PA.

Paul: so could have different "folders"/containers for each company's credential sets that you represent. The service says here is the type of credential, which the wallet presents, and the individual picks which instance of the credential to present

What will make sense to the business user (the human agent)

Chris: not much demand for this from a UX for this (back end). For the human selecting in the wallet, this is a simple selection process. Implementation issue for Wallet. Mitre in the business of the back end reference architecture

Chris: want to have organizational signatures. Dependent (corp or child). When using the identity in a transaction, you want that to actually be the dependent entity's signature. Have role-based access control to make that happen (acting on behalf of the dependent for the dependent to "sign"). Could be via a Quorum mechanism. Family custody may dictate several appointed family members (e.g. parents die, godparent authenticated to act). Don't want to limit the wallet functionality, but cover the 6 key functions outlined in the presentation

The key piece is the Genesis of the Dependent/Independent roles/permissions.

Such as vehicle where the owner can delegate to the mechanic to do certain operations on the vehicle (which is the dependent)

Chris: How we deal with dependent/independent relationships in a corporate setting is the key aspect.