Making it easier for individuals to choose the right option based on their specific context and requirements.
Businesses can derive significant commercial benefits by mitigating the potential harms in digital identity ecosystems.
Judith Fleenor, ToIP’s new Executive Director, talks to John Jordan about her top three priorities for 2023 in her new role, her reaction to her appointment, and more.
How a new ToIP white paper provides a systemic view of how human harms function in digital identity ecosystems – and how to mitigate them
While many self-sovereign identity solutions offer tools for individuals, a government team from Canada is using digital trust technology to improve sustainability reporting in the natural resource sector for organizations.
The Government of British Columbia (B.C.) – a Trust Over IP (ToIP) Steering Committee Member – initiated the Energy & Mines Digital Trust (EMDT) project under the Ministry of Energy, Mines and Low Carbon Innovation (EMLI) to facilitate the transition to a resilient, clean economy. EMDT’s pilot enables a collaborative digital ecosystem between the B.C. government, natural resource companies, and organizations around the world to improve sustainability reporting using digital credentials. Digital credentials make sustainability reporting more efficient, enhance business-to-business trust, and protect data from manipulation. Digital credentials can be checked in real time, expediting access to trustworthy information. These trusted, verifiable digital credentials are the core digital trust technologies being piloted, and the trust ecosystem in which they operate is defined in ToIP architecture, governance, and related documents.
Join members of the open-source community as they share projects, discuss problems, and collaborate on new solutions at three Linux Foundation conferences this September. Attend one of three sessions featuring EMDT’s business application of digital credentials with Nancy Norris, Senior Director of ESG & Digital Trust in the Ministry for Energy, Mines and Low Carbon Innovation for the Government of British Columbia, and Kyle Robinson, Senior Strategic Advisor.
- Hyperledger Global Forum, September 12: Learn how EMDT is enabling and accelerating the B.C. government’s entry into a digital trust ecosystem by creating a simple and secure way to share sustainability data, certifications, and credentials.
- Trust Over IP Summit, September 14: In Session 2, witness a demo of digital credentials being exchanged between an environmental auditor, a mining company, and the Government of British Columbia. Stay for Session 4 to learn how and why digital trust ecosystems benefit government bodies.
- Open Source Summit Europe, September 15: EMDT will participate in the “Blockchain in Action in the Fight Against Climate Change” panel session with Hyperledger’s Daniela Barbosa and others to discuss the role of government in creating digital trust ecosystems and how enhanced sustainability reporting supports climate goals.
To learn more about Energy & Mines Digital Trust, be sure to add the Trust Over IP Summit as a co-located event to your Open Source Summit Europe registration and/or register for Hyperledger Global Forum.
Join us for an exciting week of engagement with leaders in the area of digital-trust transformation.
The ToIP Foundation is forming a new task force on Artificial Intelligence (AI) and Metaverse (AIM for short), under its Technology Stack working group.
Two weeks ago was the first full-scale Identiverse since the pandemic began, and host Ping Identity pulled out all the stops. It started off with a wonderful video splash with spotlighted drummers banging away, setting the stage for three days of wonderful entertainment, great keynotes, engaging sessions, and nonstop networking.
Ping CEO Andre Durand’s opening keynote set the tone by putting decentralized identity front and center. Stating that our current systems do not scale, Andre took us on a journey through the history of identity solutions from passwords, to single sign-on, to OAuth, to centralized and federated identity.
He then ended with what we all know at the Trust Over IP Foundation: that the future is decentralized identity.
It was not just a wonderful start to the conference, but a great summary of exactly why ToIP was founded: we are collaborating to develop the recommendations, standards, guides, and templates needed to connect the gap shown on Andre’s slide above.
If there was a real surprise at this year’s Identiverse, it was the evidence presented throughout the conference that decentralized identity isn’t just the future, it is the NOW. For example, only an hour after Andre’s keynote, Kristina Yasuda, Senior Identity Standards Architect at Microsoft, gave an entire talk extolling the virtues of verifiable credentials (VCs) without even mentioning Microsoft’s own VC products. (She also didn’t mention that she is the new co-chair of the new W3C Verifiable Credentials 2.0 Working Group along with Brent Zundel of Avast.)
Shortly after Kristina’s session, Brent and Drummond Reed gave a presentation on how the SSI model of digital wallets and VCs can and should be integrated with existing identity and access management (IAM) systems. Their goal was to dispel any notion that “rip and replace” was necessary to start using VCs and the ToIP stack.
But the most resounding endorsement of VCs came when Alex Simons, Microsoft’s Corporate Vice President of Identity and Network Access, gave the opening keynote on the second day. He not only spent the entire first half of his talk explaining why VCs were the headline new feature of the Microsoft Entra product suite, but then invited Kristina to give a live demo of VC interop between Microsoft, Ping, Workday, IBM, and MATTR. For more on the specific interop profile they were using, see this blog post from Microsoft decentralized identity product manager Ankur Patel.
On Thursday, ToIP Steering Committee member Mike Vesey, CEO of IdRamp, presented several use cases in his session “Establishing Trust with Decentralized Identity Networks, Verifiable Credentials, and Zero Trust”. Mike shared several decentralized identity solutions operating in production today, including:
- “Zoom Bouncer”, a new meeting security application now available in the Zoom public app store that allows meeting hosts to use verifiable credentials and biometrics to protect virtual meetings from Zoom bombing.
- The North Dakota Department of Education decentralized identity initiative shows how verifiable credentials are being used for decentralized verification of student learner records for graduating students.
Mike also gave a demo of the IdRamp zero-code orchestration platform that allows issuance of verifiable credentials from any traditional IAM system and verification with any traditional relying party service—an entire journey that can be implemented in just a few minutes without any code. “IdRamp has been providing decentralization for a few years now,” states Mike Vesey. “The IdRamp platform provides a seamless bridge from centralized identity systems into decentralized credential-based authentication and access control. It was inspiring to hear that same vision being shared by the largest IAM organizations in the world. The future of identity is decentralized and ToIP is playing a major role in guiding organizations on their journey into decentralized zero trust protection.”
Judith Fleenor, Director of Strategic Engagement at the Trust Over IP Foundation, agrees: “It’s exciting to see live use cases of verifiable credentials across various sectors of government and industry. It is equally exciting to see organizations such as our Steering Committee members IdRamp and Monokee making integration with traditional IAM a breeze through their innovative system integration platforms and consulting services.”
Another key theme throughout the conference was FIDO2 passkeys. At least a half-dozen sessions were focused on this topic—not surprising given the announcements from Apple, Google, Mozilla, and the FIDO Alliance earlier this spring—and that Identiverse focuses on an enterprise IAM-centric audience where solutions to multi-factor and passwordless authentication have been sought after for two decades.
Overall, the attendees from ToIP agreed that this Identiverse took a strong step in the direction of ToIP—and it made it even more important that we push forward with our work of completing the full definition of the ToIP stack.
If you’d like to participate in ToIP’s efforts to further define a complete governance and technical architecture for interoperable digital trust, join us by becoming a member.
We are pleased to announce that Monokee s.r.l., a scaleup from northern Italy, has joined the ToIP Foundation as a Steering Member. A company rising from the centralized and federated IAM world to embrace the SSI paradigm, Monokee intends to be an active contributor to the community’s efforts in defining the interoperability standards that will lead to Web 3.0.
Launched in 2018, Monokee leverages the 20 years of experience of its two founders in IAM/IGA consulting. The company’s flagship product is an easy-to-integrate, point-and-click visual identity orchestration tool used by security architects from SMEs to larger enterprises.
Representing Monokee on the Steering Committee will be Ing. Roberto Griggio, Monokee’s CEO. Roberto graduated in Computer Science from the University of Venice, Italy, and has more than 20 years of experience in identity and access management and related fields. On the technical working groups and task forces, Monokee will be represented by Dr. Mattia Zago, Monokee’s SSI Solutions Architect. Mattia holds a Ph.D. from the University of Murcia, Spain, specifically dedicated to cybersecurity and artificial intelligence subjects.
“Joining the ToIP Steering Committee represents a significant milestone for me as a researcher and us as an identity company,” said Dr. Zago. “Seeing that the community is aligned with our view of a hybrid integration between federated enterprises’ services and decentralized identities further increases our motivation to pursue it. Indeed, we will keep pushing forward our identity orchestrator to provide seamless (and codeless) integration experiences for security engineers.”
Monokee believes a formal definition for the authentication and authorization processes is critical for integrating IAM/IGA solutions. Despite the importance of this aspect, most contemporary solutions require a non-negligible amount of engineering effort to connect identities, attributes, applications, flows, protocols, and many other elements.
Monokee simplifies this process with its Visual Identity Orchestrator (VIO), a drag-and-drop interface to build your authentication processes from scratch, starting from predefined blocks and connecting them in a flow-chart fashion as illustrated below.
Each block and connector in the resulting map represents a part of the process in a virtually codeless environment: Monokee’s visual builder turns that map into computer-generated code, with no room for human errors. The VIO is also a major improvement for process management. For example, adding an authentication factor in an existing process is just a matter of dragging a new block into the chart and inserting it into the flow.
The abstraction provided by Monokee’s VIO aligns perfectly with the vision of the ToIP foundation of an interoperable web of trust. Specifically, Monokee aims to bridge the gap that exists at layers 3 and 4 of the ToIP stack between classic centralized and federated ecosystems and new decentralized services and resources. While this obviously involves technical challenges, the real interoperability questions reside in the governance framework that coordinates the topmost ecosystem layer: how to embrace the new trust paradigm without tossing away the achievements of the last decade?
Monokee envisions a hybrid world capable of taking advantage of the structured, well-tested, and effective IAM solutions while incorporating decentralized and distributed elements to improve end-user privacy and usability. Monokee plans to provide resources and workforce to help ToIP working groups achieve their 2022 objectives, starting with the ToIP Technology Architecture Specification, anticipated for release in September 2022.