浅谈去中心化数字身份

The author China Industrial and Commercial Bank of China Institute of Financial Technology Blockchain Research Team, with the emergence and popularization of the Internet, digital identity has gradually been integrated into our daily life, and traditional physical documents such as ID cards or household registration books have gradually been replaced by digital identity. At present, the digital identity we use is mainly centralized, and identity information management and identity authentication services are provided by a single service platform. Users need to submit original proof materials repeatedly in different service platforms to register different accounts. At the same time, the service platform can unilaterally disable or cancel the user's account according to the agreement, or even redistribute the account to other users after recovery. If these accounts, such as mobile phone number and email address, are associated with other users' accounts, logging in or resetting the password through SMS verification code will lead to the risk of fraudulently using other people's accounts and peeking at other people's information. In addition, there are a lot of cases in which the identity data of users are stored in various service platforms, resulting in data leakage due to uneven management level. In order to solve the above problems, a decentralized digital identity solution is proposed in combination with the decentralized distributed ledger technology represented by blockchain. This paper will briefly introduce the principle of decentralized digital identity technology and look forward to its application prospect in the financial industry. What is decentralized digital identity? Digital identity is the mapping of entities, including people, equipment and applications, in cyberspace, which is the digital expression of entity identity. Digital identity is mainly composed of digital identity and identity attributes. Digital identity can be compared with the ID number of entity identity, and the identity attribute can be compared with all digital information related to entity identity, such as gender, age, home address, personal hobbies, etc. Traditional digital identity is centralized, and the use of identity is limited to a single platform. Decentralized digital identity, also known as distributed digital identity or blockchain-based digital identity, is a decentralized technical feature through distributed ledger technology. Compared with the traditional centralized digital identity, the new digital identity allows users to own and control their own digital identity instead of relying on a centralized service provider. Compared with the traditional centralized digital identity, the new digital identity has advantages in control rights, privacy protection, interoperability, security and management cost. In control rights, users can decide how to store and use their own identity data without relying on third-party organizations. In privacy protection, users can only access and use their identity information with authorization, which reduces the number of users. The risk of information abuse and disclosure follows a unified and open standard protocol in interoperability, and the user-authorized identity data can be shared and used across platforms, institutions and scenarios. Users do not need to register different accounts repeatedly between different platforms and applications. In security, the user's identity data is published and verified through distributed account books such as blockchain, which reduces the risk of tampering and abuse. In management cost, the user's identity data can be managed by the user independently, and enterprises do not need it. We should invest a lot of resources to store and keep user identity data. 2. Decentralized digital identity technology. In recent years, the industry has formulated a series of technical standards and protocols, among which the specifications and protocols of the World Wide Web Consortium are widely recognized and applied. The products in the industry basically follow the specifications and protocols. The components in the specifications mainly include distributed identification, verifiable vouchers and distributed account books, as shown in the figure. Decentralized digital identity is a character string lattice with a specific format. The formula is the unique logo that can be used to represent any entity in the whole network. The public and private key mechanism is used to realize identity authentication through private key signature and public key verification. Each logo will be bound with a document to record the relevant information of the logo, including the most critical public key information. The public key will be released to the distributed account book with the document, and the private key will be kept by the entity itself, thus realizing a decentralized digital authentication method. Verifiable vouchers are similar to various proof materials in our daily life. For example, birth certificate, income certificate, etc. are generally issued by a credible authority. Verifiable vouchers include not only the statement information put forward by the issuer to the designated user, such as the birth certificate issued by the hospital, but also the digital signature information generated by using the issuer's identification private key. Because the private key is kept and used by the issuer, others can't forge it, and other users can use the public key to quickly verify it, including verifying whether the voucher is credible or not. Whether the contents of vouchers issued by authoritative organizations have been tampered with ensures the credibility and authority of vouchers. Distributed ledger is a kind of decentralized database based on peer-to-peer network, and its core feature is that all transactions need to be verified by consensus mechanism to ensure that all participants' ledger records are consistent. By using distributed ledger to register and maintain logos, documents can be stored and published, and even if there is no authoritative centralized certification institution, the only entity in the whole network can have a logo. One or more unique identities. In addition, all users can obtain the identity public key through the distributed ledger to verify the digital signatures and vouchers provided by users. The workflow specification of three decentralized digital identities also puts forward a reference model for the flow of verifiable vouchers, which is composed of identity holders, certificate issuers, certificate verifiers and verifiable data registration centers. As shown in the figure, the identity holder is an entity with one or more identities and verifiability. The issuer of the certificate is also an entity, and it also has one or more identities, which has certain authority, such as government departments, financial institutions, etc. It can issue verifiable certificates based on the statements of an entity and then provide the certificates to the identity holders for safekeeping. The certificate verifier generally confirms the identity of the service providers by receiving one or more verifiable certificates provided by the identity holders, and provides services for qualified users. The verifiable data registration center is used to register and maintain the identification. Storing and publishing documents with distributed account books, such as blockchain, etc. The workflow of the verifiable voucher circulation model mainly includes six links: registering identity, requesting vouchers, issuing vouchers, saving vouchers, presenting vouchers and verifying vouchers. Registering identity holders, certificate issuers and voucher verifiers need to register a logo in the verifiable data registration center to obtain a unique digital identity in the whole network. The operation of registering identity can be completed by users themselves, and a pair of public and private keys can be generated by cryptographic algorithms. The public key is kept by users themselves and registered as a part of the document to the verifiable data registration center for all users in the whole network. 比特币今日价格行情网_okx交易所app_永续合约_比特币怎么买卖交易_虚拟币交易所平台

注册有任何问题请添加 微信：MVIP619 拉你进入群

文章转载注明 网址：https://netpsp.com/?id=60208