In short

• The identity service allows each participant to connect to the data space services through on single identity

• This identity is decentralized and follows Self-Sovereign Identity principles

• Each participant will have a easy to use Wallet to manage its identity

Demo

This video shows how though a decentralized identity wallet participants can log into the data spaces services (in this case the catalog). Through the Prometheus-X philosophy and open source building blocks, any other player can reuse the code and operate a similar service. Through this same approach, organizations are not tied to their identity provider and can easily change wallets (see Architecture).

Timeline

Start date: T0 + 0 months (T0 = expected: Q1 2023)

End date : T0 + 9 months

Duration (in months): 9

Where we are right now

• First implementation of an SSI wallet with the catalog service

• At the conclusion of the NGI ESSIF Lab program, the mywallet.cloud academic wallet has been delivered and will be in production starting January 2023. It will serve as the technology base for the project. https://www.bcdiploma.com/en/blog/wallet-blockchain-e-portfolio

Want to join the effort? See the working groups!

Objectives and Expected Outcomes

The objective of this building block is to ensure proper and decentralized authentication of the members of the ecosystem exchanging data. This identity and authentication is absolutely necessary to guarantee the integrity and security of the exchanges on the network.

The building block is based on a system allowing, via an "Identity Dashboard", to provide a Decentralized Identity (ESSIF - DID by expl.) to any internal or external entity (legal entities), but also to accept DIDs from reference ecosystems (EBSI, GAÏA-X) The proposed development uses the following technologies and knowledge:

- Self Sovereign Identity standards & implementations, ESSIF & W3C

- Wallets W3C standards & implementations

- Strong authentication & EIDAS

- Decentralized applications standards & implementations

- Elliptic curve cryptography

- Keystores.

The interaction with this identity will be done via an "Enterprise Wallet". Once onboarded, the entity accesses its "Enterprise Wallet" allowing its identification and the authentication of the deposited data. The delegations of access to the Wallet for the administrators of the entities are carried out, with the choice, by strong authentication or by a "Citizen Wallet" which will be also provided by the service in open source (ESSIF Lab).

The added value is significant: the service will allow to take advantage of the security and traceability of decentralized identities in a B2B context to authenticate data.

This task will also allow to work on the UX of the described applications and to ensure the good integration of the identity service with the consent service, contractualization, cataloguing, monitoring and interoperability services.

Scope

• Writing of specifications and development of interface models, in coordination with the other software components of the project. Preparation of development environments.

• Full development cycle, including a test environment, a beta version followed by a production version of the identity dashboard.

• Full development cycle, including a test environment, a beta version followed by a deployed production version of the enterprise wallet.

• UX development of the models

• Integrations with other governance services (catalog, contractualization, consent)

• Participation in the project management bodies and in the dedicated technical and functional groups. Constant verification, in agile method, of the good coherence of the developments.

Sequence diagram

Deliverables