SSI and Guardianship - A New Credential Type
We all know that carrying out business transactions online can be a real pain, especially to those who receive help in an offline world. In this blog we will share the benefits that emerging SSI technologies offer for performing online business transactions in a guardianship contexts. To make this possible, we introduce the idea of a novel kind of credential type, in which the actual guardianship is the subject. This blog is the first of three blogs about SSI and Guardianship. In the following blogs, we will talk about the practical usefulness of this guardianship credential, and a proposal for next steps we think are needed.
In a very general sense, a guardianship is an arrangement between a person that is somehow unable or not allowed to take care of themselves properly or responsibly, also called the dependent, and others, namely the guardian(s), that are tasked to help. An example is parent-child relation. The child would be the dependent, while the parent acts as a guardian. A guardianship can have a legal basis, that is: be assigned legal rights and duties (powers), but this is not always required. Under this general understanding of guardianship, people that take care of the affairs of a person that has just died also qualify as guardians, as it is obvious that the deceased person is incapacitated.
Self-Sovereign Identity or SSI is a term that has many different interpretations. In this blog, we use it to refer to the collection of emerging ideas, architectures, processes, and technologies that aim to support individuals and organizations as they negotiate and execute electronic transactions with one another. A bit more bluntly: SSI technologies enable individuals to electronically request official data about themselves e.g., from the government, banks, etc., and use that for electronic transactions, such as buying things in web shops, applying for parking permits, etc. Typically, participating in electronic transactions entails individuals having to request so-called credentials from the government or enterprises that contain 'attributes', these are statements about the requestor that the government/enterprise considers to be true, such as their name, date of birth, etc.
A person can use their credentials to share qualified data with another party, for example to electronically fill in application forms. This has many benefits. Not only does filling in forms become much easier and quicker, but it also saves organizations a lot of work as they no longer need to check the content that is provided. All in all, it makes digital transactions much more efficient and saves lots of money.
Considering credentials in a guardianship context raises some issues, because now more than one person is involved. For example: would the credentials' subject be a guardian, or the dependent? And what would such a guardianship credential look like, what kinds of attributes should go in there?
In a recently released whitepaper describes how its authors 'journeyed' to flesh out such questions. They propose a novel kind of credential type, in which a person is not the subject of a credential, but the actual guardianship is the subject. The guardianship credential specifies roles (such as 'child', 'dependent', or 'judge', 'parent', 'guardian', etc.), rights and duties (assigned to roles), and 'stakeholders', that are individuals or organizations that fulfill one or more of these roles in the guardianship. This seems to be a very elegant and generic way to deal with guardianship credentials. However, since it is quite a deviation in structure from what most of us are used to, since the subject is not an individual anymore. Therefore, we first need to try it out in practice. That is the topic of our next blog.
Sterre den Breeijen, Rieks Joosten, Peter Langenkamp (TNO)
Leon Roseleur (KNB)
Read more blogs about SSI and guardianship
This blog is the first in a series of three blogs about SSI and guardianship. Read more:
Read more about SSI technology
Read our latest in-depth articles about SSI technology.
Rieks JoostenFunctie:Senior Scientist
Rieks Joosten is senior scientist/innovator. He is a founder of TNO's SSI-lab, and its visionary. He has a background in information security, information process design, and architectures for supporting IT. Rieks is currently also focusing on the exchange of 'qualified data', e.g. in data spaces/ecosystems, and into semantic interoperability for human use.
Telefoon:+31 6 22 90 13 17
LinkedIn:Rieks on LinkedIn
Looking for an expert?View all experts
TNO EASSI can accelerate SSI adoption
TNO EASSI enables issuers and verifiers to save time and money by connecting to a single gateway in order to support any SSI wallet a holder may use.
TNO’s view of 2030: Digital privacy and security for everyone
Privacy and cyber security are the cornerstones of our digital society. With smart innovations like SSI technology, we will ensure that citizens exchange online data without any concerns by 2030. Read how.
Synthetic data generation: secure learning from personal data
Personal data from patients, citizens, or customers can be valuable and instructive for organisations, but the use of such data often raises privacy issues. Synthetic data may be the answer to this problem.
Conversational AI enables information exchange between humans and AI systems. But how do we deploy it responsibly? At TNO, we explore the challenges of making optimal use of this technology.
Poverty reduction can be made more effective with data analysis
With historically high inflation and rising energy bills, poverty reduction is more relevant than ever. Multi-Party Computation can help implementing authorities to get in touch with members of the general public who are entitled to additional support.