If you are not familiar with the decentralized identity, you can start here.
The promise of decentralized identity – self-sovereign identity in the case of people identity – is to put people in charge of their identity and personal data. Obviously this is a noble idea and great step forward for identity management. But what about all the existing identity providers that invested so much in establishing people identity within their organizations?
For decentralized identity to take root, both enterprise organizations and third party identity providers need to view identity and relationship identifiers as two distinct constructs. People core identity can be decentralized and drive relationship identifiers for different organizations. However, each organization has to still manage its own corresponding relationship identifier for each person to address other identity governance and access management requirements.
This is not an easy transition as many organizations and identity providers still couple identity and identifiers tightly and manage them as part of their overall identity and access management discipline. Also, for many business reasons, organizations may prefer to use their own established identity of people rather than accepting a decentralized identity. This brings up a fundamental question that whether we need to have an “Identity Neutrality” manifesto.
Identity Neutrality must guide organizations to view identity and relationship identifiers as two separate constructs. Such a manifesto should provide a vision that allows people to control their own identity and guide organizations to seed people’s corresponding relationship identifier (derived from people core decentralized identity) in their environment.
So what do you think? Do we need an Identity Neutrality manifesto? We would like to hear from you and learn what you think. Please share your comments with us.
Note:
- Gartner introduced the decentralized identity conceptual architecture in “Blockchain: The Dawn of Decentralized Identity [1],” which was published in September 2016 and refreshed in May 2018. In a decentralized identity model, users generate and manage their own digital identity without relying on a central repository.
- Gartner captured the advancement in self-sovereign decentralized identity design in ” Blockchain: Evolving Decentralized Identity Design [1],” which was published in December 2017. Self-sovereign identity networks and verification services are key mechanisms to implement decentralized identity and relationship identifiers for people. In a self-sovereign decentralized identity model, users are practically in control of their identity and related attributes.
[1] Full report is available to Gartner for Technical Professionals subscribers.
The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.