
Identity Box


Formal Metadata

Title
Identity Box
Subtitle
Decentralized Web of the Future
Title of Series
Number of Parts
490
Author
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
Society is becoming increasingly aware of the importance of protecting digital information, and it is becoming clear that the current centralized model has come to an end. The future of the Internet is distributed. Unsupervised, unmoderated access, affordable storage, data replication, and built-in security and privacy are the most important aspects of the Internet of the future. Unfortunately, a global, reliable, decentralized network cannot be built without actual physical nodes, as opposed to thousands of nodes in centralized cloud data centers. Only by building an open network of physical nodes can we pave our way as a society to the decentralized Internet of the future. Identity Box is a personal P2P networking device giving you access to a global network of distributed storage, digital identity, and distributed personal apps. It is a community effort to build the next-generation, decentralized infrastructure that enables an open platform for privacy-preserving ecosystems. Most of the data today belong to just a handful of companies. Personal documents, photographs, videos, and things that we put online in general contain lots of sensitive information, information that we would prefer to keep private. Very often the same companies that provide more or less "complimentary" storage space at our disposal also help us manage our whole digital existence. The combination of the data and the identity information is a powerful one, which enables well-established business models where the user's data or the user itself becomes a product. Allowing sensitive data to be kept by well-known service providers makes it easier than ever for illegal institutions, but also the state, to gain insights into data that they have no right to access. Our sensitive personal data are kept by the state, healthcare organizations, financial institutions, and corporations. We do not have control over these data and our access to them is limited.
Every institution storing the data not only has its own policies, but also uses proprietary technologies to access the data. These data silos make interoperability hard and give institutions almost complete freedom to use the data without the consent of the user. Society is becoming increasingly aware of the importance of protecting digital content, and it is becoming clear that the current centralized model has come to an end. The future of the Internet is distributed. Unsupervised, unmoderated access, affordable, unlimited storage, and built-in security and privacy are the most important aspects of the Internet of the future. Unfortunately, a global, reliable, decentralized network cannot be built without actual physical nodes, as opposed to thousands of nodes in centralized cloud data centers. Users need to be re-introduced to the concept of decentralization and learn the advantages of technologies like self-sovereign identity and content-addressable networks. Only by building an open network of physical nodes can we pave our way as a society to the decentralized Internet of the future. Building the decentralized Internet of the future is therefore a community effort, where all participants become the actual owners of the distributed global infrastructure. To support this community movement, we propose Identity Box: a personal P2P networking device giving you access to the global network of distributed storage, digital identity, and distributed personal apps. Identity Box is a physical device, but at the same time far more than just a piece of hardware. Together with the included software and Identity App, Identity Box enables an ecosystem of rich, distributed personal applications. It supports IPFS, Self-Sovereign Identity, and end-to-end encrypted storage. And that's just the beginning. Join us in building the decentralized Internet of the future!
Transcript: English (auto-generated)
Identity box. Let me start with this. Sorry, the last slide. Privacy starts with identity.
But not really just identity, actually privacy starts with self-sovereign identity. And people here most probably know what self-sovereign identity is. It's, shortly speaking, identity that you own and that you control. So it's not owned by some service like Google, GitHub, whatever.
Nobody can take it away from you. And self-sovereign needs decentralized network. These slides will be repeated a couple of times today. And it may seem not to be obvious. It's really not obvious per se because it all depends how you perceive your identity, how it's really implemented. And the most trivial and in some way naive way of implementing identity
is to associate your identity with a public key. So basically every identity is your public key. And we did it. And we implemented this in Cogito, an identity management framework
that we created two years ago, approximately. And we even presented that last year at FOSDEM in a lightning talk. And as you can expect, using a public key as your identity, you immediately get questions like those. What if your private key gets compromised?
And of course your identity is gone. How are the people that use your identity going to know about it? Do you even know yourself who is using identity? Sure not. In other words, you get the network of keys, so some sort of web of trust again, something that we know it's a problem and doesn't really pick up very well.
But the guys from Rebooting Web of Trust together with other people, they work on an interesting document. There's a standard about decentralized identifiers. And people that work in this group,
they came up with an interesting idea. So they introduced something which is called a DID resolver. And what does it do? So if you have your identity, which is just a string of characters in the end, you ask the resolver, give me something called decentralized identifier document.
And in this document, you can get whatever you need. So for instance, your public encryption key or your public signing key. Quite powerful concept. On a high abstraction level, should work very well. And of course, it makes all those questions that we had before solved quite nicely.
You can change your keys at any moment. Your identity stays the same after you change your key. People don't need to know your public keys. You don't have to keep public keys of any peers that you want to communicate with because you ask the resolver and resolver tells you, well, give me your identity.
I give you the keys, basically. So like key distribution problem solved. So in other words, instead of having network of keys directly connected as in typical Web of Trust, you end up in situations similar to this. You ask some kind of infrastructure to provide it to you. But if you look at this picture even,
this thing looks like centralized. Well actually, a resolver could be implemented in a purely centralized way. And we did it for exercise and it works great. It has super low latencies, it's super reliable. Of course, the problem is that if you base your resolution of your identity to a centralized service,
we are not speaking about self-sovereign anymore again. Which means basically the resolver itself needs to be built on decentralized network as well. So that's why I was saying at the very beginning, self-sovereign identity needs decentralized network. And now, what's the problem with decentralized networks?
Why don't we have even today, after so many attempts, we don't really have mainstream, reliable, stable peer-to-peer infrastructure out there. And one of the reasons is that there are no really physical nodes. It's not enough to put 1,000 nodes in a cloud on Amazon or something.
And it's also not sufficient that network enthusiasts run their nodes on a laptop for a few hours a week. That's not how it works. Even IPFS promotes the nodes which are stable and stay on. So decentralized network needs physical nodes that are available, stable and possibly always on.
And I brought one such a node. So our identity box is actually a physical node. It's a physical device. This is just a case. It's empty inside because my identity box runs at the very moment on my desk. It's connected with other identity boxes.
And how would it work in such a case? So we want this to go to people's homes, something like a physical device. And once you get such a device, you also get an identity app from us. And now I have to switch from presentation so that you also can see this.
Hopefully this will pick it up. So here you see an identity app,
application from which I can manage all identities, basically. Sorry, I have to make those things a bit smaller. So I scanned the box.
You see that would be this. And this thing connects to my identity box, the one that you show running on my desk right now. It has some backups from it, but I will not use the backups to restore my identity. So I create quickly an identity.
And you see in my address book, I already have just one. My identity, I don't have any peers' identities. The nice thing about self-sovereign identities, of course, you can create multiple identities once I am here. I can create identity, which indicates that, let's say, I am at FOSDEM.
Now in my address book, you see I have two identities, so I can easily switch between them. I can be marching if I like, and if I can be marching at FOSDEM. Of course, now I would like to send something to someone.
And Mark happened to follow me from Eindhoven here. He works with me, but we don't speak daily. So he has his own identity box. He's associated with his own identity box. And I would like to connect with him. So he shows me now a QR code. And I use my phone.
You see I'm doing scan here and here. So I see his name. For some reason, I don't see your phone. So I type here, Mark. Now in address book, I have also peer identities. I have Mark. And we have a demonstration sharing service,
which we can use to send secrets between people. So let's shift Mark's phone to the left a bit, because for some reason, I don't see his. So I connect. So I go to my identity app again.
I scan this small QR code. Now this thing asks me to choose an identity I want to send it to. I want to send it to Mark. I send it. Now this thing resolves the idea,
a DID document of Mark's, and it creates a link which you can put everywhere you want, on Dropbox even, or Facebook. Only Mark can decrypt that stuff.
And Mark can actually decrypt it with his device. So this is, it will also create the same connect link. You have the same thing. And you would see his decrypted message. So this is Identity Box. Thank you.
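
The resolver idea from the talk (a stable identifier that resolves to a document holding the current keys, so a key can change while the identity stays the same), as an added example that is not code from the talk, Cogito or Identity Box. The in-memory `registry`, the `did:example:` identifiers, the function names, the constructed "alice" scenario and the rule that an update must be signed by the current key are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');
// Hypothetical in-memory resolver (assumption): DID string -> current DID document.
const registry = new Map();

function newKeyPair() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  return { privateKey, publicPem: publicKey.export({ type: 'spki', format: 'pem' }) };
}

// The DID is a random string, not derived from the key, so it survives rotation.
function createIdentity() {
  const did = 'did:example:' + crypto.randomBytes(8).toString('hex');
  const keys = newKeyPair();
  registry.set(did, { id: did, signingKey: keys.publicPem });
  return { did, privateKey: keys.privateKey };
}

function resolve(did) {
  const doc = registry.get(did);
  if (!doc) throw new Error('unknown DID: ' + did);
  return doc;
}

const sign = (message, privateKey) => crypto.sign(null, Buffer.from(message), privateKey);

// A verifier stores only the DID and asks the resolver for the key every time.
function verifyFrom(did, message, signature) {
  const key = crypto.createPublicKey(resolve(did).signingKey);
  return crypto.verify(null, Buffer.from(message), key, signature);
}

// Assumed policy: the key currently in the document must sign the new key.
function rotateKey(did, currentPrivateKey) {
  const next = newKeyPair();
  const proof = sign(next.publicPem, currentPrivateKey);
  if (!verifyFrom(did, next.publicPem, proof)) throw new Error('update not authorized');
  registry.set(did, { id: did, signingKey: next.publicPem });
  return next.privateKey;
}

// Constructed scenario: sign, rotate, then verify with the old and the new key.
function demo() {
  const alice = createIdentity();
  const before = verifyFrom(alice.did, 'hello', sign('hello', alice.privateKey));
  const newKey = rotateKey(alice.did, alice.privateKey);
  const oldAfter = verifyFrom(alice.did, 'hello', sign('hello', alice.privateKey));
  const newAfter = verifyFrom(alice.did, 'hello', sign('hello', newKey));
  return { did: alice.did, before, oldAfter, newAfter };
}
```

After rotation the same DID resolves to the new key, so signatures from the replaced key stop verifying while peers holding only the DID need no update.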