DOC: Create RFW for DID implementation

[shawnjensen]

@elias-dzobo pls create a RFW here aligned with @matikucharski for the implementation of the SSI framework. Note this is a Public Repo for the Catalyst community to review the project delivery.

[elias-dzobo]

Table of Contents

• Housekeeping
• The Problem
• User Story
• Request Type A/B
• Request Category Feature/Capability
• Owner
• Summary
• Is This Really Necessary?
• Motivation
• Named concepts
• Examples, Risks & Assumptions
• Success Metrics
• Conceptual Design
• Requirements
• Drawbacks
• Alternatives
• New Data
• Business Release Date

Housekeeping

Make sure to clearly understand Type-A and Type-B requests, and the relevant limitations. Failing to follow the guidelines pertaining to the two acceptable types of RFWs will automatically lead to disqualification of the RFW.

Take time to complete each section below with as much detail as is required to establish a comprehensive understanding about the underlying product specification.

ALL BELOW FIELDS ARE REQUIRED

The Problem

Current data privacy platforms centralize user identity management, raising concerns about data breaches and user control over personal information.

User Story

As a Profila user, I want to have greater control over my personal information by managing my own digital identity and selectively sharing specific data attributes, so that I can trust the platform and feel empowered about my data privacy.

Business Severity: High

This feature is critical for building user trust and ensuring user adoption of the data privacy platform.

Request Type: A

This is a new feature for the data privacy platform.

Request Category: Feature

This functionality introduces a new way for users to interact with the platform.

Owner: ELIAS DZOBO

Summary

This RFW proposes implementing Self-Sovereign Identity (SSI) within the data privacy platform. SSI empowers users to control their digital identities and share data selectively, fostering trust and transparency.

Is This Really Necessary?

Centralized identity management systems pose security risks and limit user control. SSI offers a more secure and user-centric approach, aligning with the core principles of the data privacy platform.

Motivation

• Enhance user trust and privacy by decentralizing identity management.
• Increase user control over personal data through self-sovereign identity.
• Encourage wider platform adoption by empowering data providers.

Named Concepts

• Self-Sovereign Identity (SSI)
• Decentralized Identifiers (DIDs)
• Verifiable Credentials (VCs)

Examples, Risks & Assumptions

1. Result: Users will create and manage DIDs within the platform. They will issue VCs containing specific data attributes to requesting parties.

2. Difference: Unlike current systems, users control what data to share and with whom, increasing transparency and trust.

3. User Experience:

   • Users feel empowered and in control of their data.
   • Increased trust and willingness to share data.
   • Improved user experience with a focus on data privacy.

4. Sample Messages:

   • "You are now in control of your data identity on the platform."
   • "Share only the information you feel comfortable with for this request."

5. Out of Scope:

   • Developing a sovereign identity ecosystem from scratch.
   • Integrating with closed identity management systems.

6. Data Protection & Security:

   • Compliance with relevant data privacy regulations (e.g., GDPR, CCPA).
   • Secure protocols and encryption for data storage and transmission.
   • Collaboration with privacy and security teams.

7. Support:

   • User guides and FAQs on SSI and data sharing.
   • Dedicated customer support trained on SSI functionalities.

8. Revenue & Billing:

   • Potential for premium features related to advanced data control within the SSI framework.

9. Additional Risks:

   • User adoption of a new identity management concept.
   • Interoperability with other SSI-enabled platforms.

Success Metrics

• Increased user registration and data contribution.
• Positive user feedback on data control and privacy features.
• Reduction in data security incidents.

Conceptual Design

A decentralized identity wallet will be integrated into the platform. Users will create and manage DIDs, issuing VCs containing specific data attributes. Data requests will be routed through the SSI framework, allowing users to selectively share VCs with requesting parties.

Requirements

• Secure enclave for DID creation and management.
• Integration with SSI protocols for VC issuance and verification.
• User interface for managing DIDs, VCs, and data sharing requests.
• Compatibility with existing platform functionalities.

Drawbacks

• Potential learning curve for users regarding SSI concepts.
• Reliance on emerging technology standards and ecosystem adoption.
• Increased development complexity compared to centralized identity management.

Alternatives

• Enhance existing access control mechanisms within the platform.
• Implement privacy-preserving data aggregation techniques.

These alternatives offer some level of data control but do not provide the same level of user empowerment and decentralization as SSI.

New Data

• Decentralized Identifiers (DIDs) for platform users.
• Verifiable Credentials (VCs) containing user-controlled data attributes.

Business Release Date

N/A

Target release: N/A