28 Enterprise identity and access management realized with SSI

 

Dr. André Kudra

    As a new model for decentralized digital identity, SSI is coming into the enterprise IAM (Identity and Access Management) space from the “outside in”. But some longtime experts in that space have recognized that SSI can have as much of a positive impact on enterprise IAM as the Web information sharing model (which also came from the “outside in”) brought to enterprise networks. Dr. André Kudra, co-owner and CIO at esatus AG, is one of those IAM experts who saw the potential for SSI right from the outset—he led the effort for esatus to be one of the founding stewards of the Sovrin ledger in 2017. In this chapter he lays out the case for how enterprise IAM should embrace SSI.

    28.1 Contemporary IAM Solutions and their Limitations

    28.2 Self-Sovereign Identity: The Innovative IAM Solution

    28.2.1 Bring Your Own Identity (BYOI) is Now Possible

    28.2.2 SSI is a Global Phenomenon with Many Active Communities

    28.3 Building the Bridge between Classic IAM and SSI

    28.4 Real-World Case Study: Implementing SSI-based IAM in an Enterprise

    28.4.1 Jumpstarting Practical SSI Application

    28.4.2 Enabling SSI Login for a Production Application

    28.4.3 Tailoring SSI Access Control Policies

    28.4.4 From Org Structure to Schema

    28.4.5 From Schema to Credential Definition

    28.4.6 Access Compliance Considerations

    28.4.7 Modeling Access Rules

    28.4.8 Conducting the Staged Roll-Out

    28.4.9 A Real-Life Example of Using the System

    28.5 A Good Start—What Are Next Steps?

    28.6 The Opportunities of SSI-based IAM for Corporations

    28.7 Conclusion and Call to Action