Blockchain and Decentralized Identity Presentation for ISACA GWDC Chapter
Security Architects Partners’ Dan Blum will be speaking September 20, 8:30 AM, at the ISACA Greater Washington DC Chapter’s Cybersecurity and Risk Conference (Register). Here is the presentation abstract:
Blockchain Technology and Concepts of Decentralized Identity
Blockchains are a powerful (and often over-hyped) transformative technology. After providing a quick introduction to Blockchains and Distributed Ledgers, this presentation will explore the topic of decentralized identity and ways that blockchains do, don’t, or could support identity and privacy solutions. It reviews emerging industry models – such as the W3C Decentralized Identifiers (DID) and Verifiable Claims standards. Finally, it provides Security Architects Partners’ architectural framework for using blockchain in decentralized identity and a quick overview of emerging solutions in the market.
What We’ll Cover: Blockchain Basics
The presentation will provide a layman’s example of a distributed ledger, then take the audience through three Ages of Accounting in the arc of human history. It includes lot of cool tech as well, touching on the types of blockchains, their industry impact, and audit considerations.
We’ll discuss public/permissionless blockchains (as in Bitcoin’s), private distributed ledgers, and hybrid models. These models clearly have their advantages and disadvantages: A blockchain like Bitcoin has proven challenging to govern (except through hard forks) and it currently performs only seven (7) transactions per second on average. Private blockchains, such as R3 Corda’s created by the banking community, don’t have the same scalability and governance problems. However, private ledgers inherit trust issues and other baggage from their industry. We’re still trying to figure out how to balance the good characteristics of multiple models to achieve desired levels of openness, transparency, assurance, and information flow for the digital economy.
You might ask: Why do we pair blockchain basics with decentralized identity? First, GDPR is driving decentralized identity as a potential disruptive business model, and all early implementations are blockchain-based. Second, identity and access management (IAM) are critical services for blockchain applications themselves. Blockchains – be they for financial services, supply chains, asset registries, or IoT – enable transactions between people. They must manage the information about what people own, are authorized to do, or are accountable for. Blockchains must manage identity.