Three years ago, as part of Microsoft’s mission to empower people and organizations to achieve more, we announced that we were incubating a new set of decentralized identity technologies based on a simple vision:
Each of us needs a digital identity we own, one which securely and privately stores all the components of our digital identity. This self-owned identity must be easy to use and give us complete control over how our identity data is accessed and used.
During this incubation, customers and partners all around the world have helped us understand their challenges and the shortcomings of their existing identity systems. We’ve learned a ton through a set of successful proofs of concept partnering with Keio University,1 the National Health Service (UK),2 and the Government of Flanders.3 We’ve worked with our partners in the Decentralized Identity Foundation (DIF) and the open standards community to develop standards and demonstrate interoperability.
Using these new open standards and all these lessons to guide us, we turned on the public preview of our new decentralized identity system, Microsoft Azure Active Directory Verifiable Credentials, in April 2021. That preview generated a ton of valuable feedback and gave us the opportunity to learn from all of you.
Through all these interactions and investments, we have become even more excited about the opportunity to create a decentralized identity system that increases client trust and adoption by minimizing data processing and providing the user much greater control of the specific identity data they share and how it will be used.
Now we are well into the next phase of our program, working on two parallel efforts:
Partner with the decentralized identity community to finalize a set of high-quality open standards that we can all support.
Deliver the first General Availability release of our decentralized identity service in parallel with these still-evolving standards.
The 5 guiding principles
In this new phase, we want to share the set of guiding principles that we will use to guide both efforts. Not all these principles will be realizable from the start, but we believe that all are necessary over time to realize the promise of decentralized identities:
1. Secure, reliable, and trustworthy
My digital identity must be secure. It must not be easy to forge or hack. No one must be able to use it to impersonate me. I must always have a way to access, use, and securely recover my digital identity. I must have access to a detailed log of all the times I’ve used my digital identity, who I used it with, and what it was used for.
My digital identity is under my control. It must only be used with my permission and when I consent; I must know who will use it and how it will be used. I must be able to review which elements of my digital identity are being requested and I must have the option to only disclose the specific information necessary to support the consented use. My use of my digital identity must be private. No one, other than the party I explicitly share it with, should know I am using it without my consent. My digital identity must not be able to be used to track me across unrelated services or applications without my permission. I must have the freedom to switch between the machines and applications of my choosing to manage my digital identity, and never be locked in. I must be able to delete all aspects of my digital identity and any associated data and log files from wherever I choose to store them.
3. Inclusive, fair, and easy to use
My digital identity must be usable, available, and accessible regardless of my race, ethnicity, abilities, gender, gender identity, sexual orientation, national origin, socio-economic status, or political status. My digital identity must be easy to use and use universal design principles to make it useful for people with a wide variety of abilities.
I must be able to designate trusted friends or family members who can access my digital identity as needed if I become incapacitated or pass away. If I am a child, my digital identity must support appropriate parental or custodial oversight and control.
5. Environmentally responsible
Creating and using my digital identity must be environmentally sustainable and not cause long-term environmental harm.
In building and operating these systems, we are also making an additional set of commitments we believe are critically important:
Legitimate and lawful: This new digital identity system must be legitimate and lawful. We will strive to ensure it doesn’t promote illegal activity, enable corruption, or expose people to undue risk or unlawful access. We will strive to ensure the technology doesn’t cause or worsen unjust or disparate impacts on systemically marginalized members of society.
Interoperable and accessible: We will strive to ensure technological and policy interoperability among domestic and international stakeholders, ease of use, broad inclusion, and equity of access. We will work to ensure the system works across modalities, including using it online, in person, and over the telephone. We will build the system based on open, non-proprietary, and accessible standards to ensure broad interoperability.
Safe: We will strive to place customer safety and security at the center of our decentralized identity system design.
Our objective in sharing these principles and our commitments is to help our clients, partners, and the decentralized identity community understand what motivates and guides us and how we think about this exciting opportunity.
1 University to enable students to securely manage their own transcripts with Verifiable Credentials, Customer Stories, Microsoft. 16 March 2021.
2 With high levels of security and trust, the NHS rapidly gratifies clinical requirements applying confirmed credentials, Customer Stories, Microsoft. 15 March 2021.
3 How a decentralized identity and verifiable credentials can streamline both public and private processes, Customer Stories, Microsoft. 17 March 2021.
The post Microsoft’s 5 guiding principles for decentralized identities appeared first on Microsoft Security Blog.