
Decentralized Identity Explained : Embrace Decentralization for a More Secure and Empowering Digital Experience.

O'Reilly Online Learning: Academic/Public Library Edition Available online

Format:
Book
Author/Creator:
Pinto, Rohan.
Language:
English
Subjects (All):
Computer security--Management.
Computer security.
Blockchains (Databases).
Physical Description:
1 online resource (392 pages)
Edition:
1st ed.
Place of Publication:
Birmingham : Packt Publishing, Limited, 2024.
Biography/History:
Pinto Rohan: Rohan Pinto, a cryptography geek with three decades of experience in security and identity management, has founded multiple businesses leveraging blockchain and identity management advancements. He specializes as a senior identity and access management architect, focusing on large-scale infrastructures for identity management, authentication, and authorization (RBAC, ABAC, RiskBAC, and TrustBAC). Rohan was the lead architect for the Government of Ontario's security infrastructure and British Columbia's Health Information Access Layer (HIAL), and he is currently developing the US Department of Defense's Security Access Layer using Common Access Cards (CACs). He mentors emerging talent through Techstars and Founder Institute and is a member of the Forbes Technology Council, Decentralized Identity Foundation, and FIDO Alliance. Rohan combines strategic vision with technical expertise to drive tech-based growth, enhancing security and compliance throughout project life cycles.
Summary:
Delve into the cutting-edge trends of decentralized identities, blockchains, and other digital identity management technologies and leverage them to craft seamless digital experiences for both your customers and employees.
Key Features:
Explore decentralized identities and blockchain technology in depth
Gain practical insights for leveraging advanced digital identity management tools, frameworks, and solutions
Discover best practices for integrating decentralized identity solutions into existing systems
Purchase of the print or Kindle book includes a free PDF eBook
Book Description:
Looking forward to mastering digital identity? This book will help you get to grips with complete frameworks, tools, and strategies for safeguarding personal data, securing online transactions, and ensuring trust in digital interactions in today's cybersecurity landscape. Decentralized Identity Explained delves into the evolution of digital identities, from their historical roots to the present landscape and future trajectories, exploring crucial concepts such as IAM, the significance of trust anchors and sources of truth, and emerging trends such as SSI and DIDs. Additionally, you'll gain insights into the intricate relationships between trust and risk, the importance of informed consent, and the evolving role of biometrics in enhancing security within distributed identity management systems. Through detailed discussions on protocols, standards, and authentication mechanisms, this book equips you with the knowledge and tools needed to navigate the complexities of digital identity management in both current and future cybersecurity landscapes. By the end of this book, you'll have a detailed understanding of digital identity management and best practices to implement secure and efficient digital identity frameworks, enhancing both organizational security and user experiences in the digital realm.
What you will learn:
Understand the need for security, privacy, and user-centric methods
Get up to speed with the IAM security framework
Explore the crucial role of sources of truth in identity data verification
Discover best practices for implementing access control lists
Gain insights into the fundamentals of informed consent
Delve into SSI and understand why it matters
Explore identity verification methods such as knowledge-based and biometric
Who this book is for:
This book is for cybersecurity professionals and IAM engineers/architects who want to learn how decentralized identity helps to improve security and privacy and how to leverage it as a trust framework for identity management.
Contents:
Cover
Title Page
Copyright and Credits
Dedication
Contributors
Table of Contents
Preface
Part 1 - Digital Identity Era: Then
Chapter 1: The History of Digital Identity
What is digital identity?
The evolution of digital identities
Institutional databases
Characteristics of institutional databases
Advantages of institutional databases
Disadvantages of institutional databases
ACLs
Functions of ACLs in traditional identity management
Disadvantages of ACLs
Circumventing the drawbacks of ACLs
Public key cryptography - the origin of secure public networks
The evolution of public networks
The need for secure communication
The emergence of PKI
Components of PKI
Benefits and applications of PKI
Drawbacks of PKI
Secure public networks and PKIs
The World Wide Web
Social networks - Identity 2.0
Biometric identity
IoT and the identity of things
Blockchain - a new model for identity
Summary
Chapter 2: Identity Management Versus Access Management
What is identity management?
What is meant by access?
Access control in general
Traditional access control for web applications
Access management
Access management versus access controls in traditional centralized digital identity systems
Access management versus access controls in web applications
The pitfalls
The pitfalls of traditional identity management systems
The pitfalls of traditional access management systems
Part 2 - Digital Identity Era: Now
Chapter 3: IAM Best Practices
An overview of the service components of an IAM system
Building a comprehensive IAM strategy
User lifecycle management and secure data-sharing practices
Secure authentication practices
Security token-based authentication
Access control and authorization
Secure data-sharing practices
Continuous monitoring and auditing
User awareness and training
Compliance and regulatory considerations
Incident response and recovery and processes for regular evaluation
Regular evaluation and improvement
Chapter 4: Trust Anchors/Sources of Truth and Their Importance
Sources of truth
Defining sources of truth
Ensuring data accuracy and consistency
Enhancing identity assurance
Enabling effective identity management
Challenges and considerations
Web of trust
Understanding the WoT model
Trust anchors in identity data verification
Advantages of the WoT model and trust anchors
Future trends and innovations
Enhancing the WoT model through blockchain infrastructure
The WoT model in the decentralized space
Blockchain technology
Integrating blockchain infrastructure into the WoT model
Real-world use cases
Chapter 5: Historical Source of Authority
Practical uses of historical sources of authority
Controlling access to the source of authority
Securing access to sources of truth with ACLs
Implementing ACLs for data sources
Advantages of ACLs for securing data sources
Best practices for securing data sources with ACLs
Cons of using historical sources of truth for verification of identity data
Chapter 6: The Relationship between Trust and Risk
The impact of trust and risk
Risks arising from compromised identity
Attacks made on online identity break trust
Local network risks
Online surveillance
Browser-based web risks
Social engineering
Risk management principles and assessments
Proactive approach
Risk identification
Risk assessment and analysis
Risk evaluation
Risk mitigation strategies
Monitoring and review
Communication and collaboration
Crisis preparedness
Risk assessment
Risk identification methods
Qualitative risk assessment
Quantitative risk assessment
Risk heat maps
Risk tolerance and assessment
Risk scenarios and sensitivity analysis
Risk ranking and prioritization
Risk and trust management roadmap
Risk management frameworks for identity networks
Chapter 7: Informed Consent and Why It Matters
What is informed consent?
Educating the user about informed consent
Understanding informed consent
Legal and regulatory frameworks for informed consent
Challenges and limitations of informed consent
Improving informed consent
The future of informed consent
The re-purposed data problem
Privacy by design
The Personal Information Protection and Electronic Documents Act (PIPEDA)
The role of consent in other jurisdictions
Challenges to meaningful informed consent
Alternatives to consent
Enforcement models in informed consent
The future of privacy
Chapter 8: IAM - the Security Perspective
IAM security fundamentals
IAM principals
Access control models and frameworks
Identity governance and administration
Identity lifecycle management
Threat detection and IAM security
Security information and event management
Repercussions of a weak SIEM system
Importance of compliance in IAM
Key regulations and compliance frameworks
Challenges and risks in IAM compliance
Future trends in IAM compliance
Emerging technologies in IAM security
Challenges and future directions in IAM security
Part 3 - Digital Identity Era: The Near Future
Chapter 9: Self-Sovereign Identity
Introduction to SSI
Why SSI matters
Cryptography in SSI
Cryptographic techniques
Public and private keys
Digital signatures
Verifiable credentials
Blockchain and DLT in SSI
Role of blockchain in SSI
DLTs
Data storage and decentralization
DIDs
Usage of DIDs in the SSI space
DID methods
DID resolution and resolution protocols
The SSI ecosystem
SSI stakeholders
SSI interoperability
Importance of interoperability
SSI in a multi-SSI network
SSI and regulatory compliance
GDPR and data protection
Compliance frameworks
Legal challenges
Future trends in SSI
Emerging technologies
Scalability and performance improvements
SSI in a post-quantum world
SSI and blockchain scalability
Scalability challenges
Layer-2 solutions
Future scaling options
Use of tokens in SSI
Role of tokens
Token standards
SSI wallets and tokens
SSI and identity in IoT
IoT and identity
SSI in the IoT
Security challenges
Ethical and philosophical implications of SSI
Ethical considerations
Philosophical implications
Individual empowerment
Challenges and risks in SSI implementation
Adoption challenges
Regulatory risks
Technological threats
Chapter 10: Privacy by Design in the SSI Space
PbD in SSI
The value of PbD
PbD frameworks
Safeguarding data in the digital age
User-centric privacy controls
Consent management
Data reduction
Selective dissemination
Security best practices
Threats and mitigations
Chapter 11: Relationship between DIDs and SSI
DIDs as the backbone of SSI
DIDs and SSI relationship basics
Emerging DID methods and innovations
Development of new DID methods
Relevance of new DID methods
Need for the standardization of DID methods
Distributed identity issuers and verifiers
Basics of verifiable credentials and digital identity
Understanding verifiable credentials
Key components of verifiable credentials
Privacy and security considerations
Potential benefits and concerns
The road ahead
Enhancing privacy and security
Technological challenges and future directions
Chapter 12: Protocols and Standards - DID Standards
The need for standards
What do standards and protocols entail?
What do standards address?
What do protocols address?
DID standards and protocols
The impact on the DID ecosystem
W3C DID standards
Anatomy of a DID
DID documents
DID universal resolver
Decentralized trust
Proactive not reactive; preventative not remedial
Privacy as the default setting
Privacy embedded into design
Full functionality - positive-sum, not zero-sum
End-to-end security - full life cycle protection
Visibility and transparency
Respect for user privacy
Key components of verifiable credential standards
W3C Verifiable Credentials Data Model
Examples of implementing VCs
Chapter 13: DID Authentication
Traditional authentication
Lightweight Directory Access Protocol
Kerberos
OAuth 2 and OIDC
Understanding the OAuth 2.0 authorization model
Security Assertion Markup Language
DID authentication protocols
Implementing DID authentication
Core methodologies in DID authentication
Strategies for implementing DID authentication
Real-world examples and case studies
Paving the way for a decentralized identity frontier
Security and privacy considerations
The pillars of DID security
Privacy-first design
Privacy challenges
Ongoing developments and initiatives
Chapter 14: Identity Verification
Historical evolution of identity verification
The birth of trust and recognition
Notes:
Description based upon print version of record.
Description based on publisher supplied metadata and other sources.
ISBN:
9781804614549
1804614548
OCLC:
1441722747
