Open synctext opened 2 years ago
Ministerie van Volksgezondheid, Welzijn en Sport: Project 1: Improvement of MediTrail (https://repository.tudelft.nl/islandora/object/uuid%3A1774b1e9-3860-4a02-adaa-be9a92557169)
Project 2: Improving communication of the health sector
Autoriteit Financiële Markten: Project 3:
PaperDAO Project 4
Rijksdienst voor Identiteitsgegevens: Project 5:
European Union Agency for Cybersecurity (ENISA): Project 6:
De Nederlandsche Bank: Project 7:
Read:
status copied. We now have the following inside the superapp:
current sprint: literature survey.
Draft literature survey on eIDAS compliance: survey_eidas_high_compliance_1.pdf
Status update: Contacted Jean-Paul Bakkers from BZK, Geert-Jon Jepkes, IT architect eHerkenning and involved in DigiD eIDAS notification, and Bob Hulsebosch, process manager during DigiD hoog notification. From research and this contact, it can be concluded that creating a decentralized eIDAS high compliant standard and implementation is infeasible in a master thesis project, because of the following reasons:
Goal:
Mission: to explore how to facilitate the cross-border use of electronic identification (eID) and Know-Your-Customer (KYC) portability based on identification and authentication tools under the eIDAS Regulation to enable financial institutions to identify customers digitally.
EBSI and DBI re-usage and production-ready.
Brief summary of the findings in these four directions:
More information can be found in Section 4: survey_eidas_high_compliance (1).pdf
Update:
inspirational update, good efforts.
"Deploying pillars of trust: eIDAS2, Trustchain, IPv8, and EBSI" That is worthy of a solid master thesis focus! Linking various sources-of-legal-truth, tamper-proof ledger storage, quantum-proof IPv8 communication, and root-of-trust from EBSI. Uncompromising open source.
Dutch government already has trouble keeping up with the pace of innovation in Europe. Sadly we even want to have a "Dutch flavour" to the European Identity and eIDAS 2.0 legal framework.
Programma EDI Stelsel NL
To realise this, a system for European digital identity must be set up in the Netherlands. The Programma EDI Stelsel NL of the Ministry of BZK is now taking the first steps towards this. Much still has to be worked out, but one thing is certain: the system will be set up on the basis of an open attitude and as much co-creation as possible.
Current methodology is to try to avoid these fragile "grand visions" and meticulously use a small "use-case" based approach. By limiting the scope we ensure realisation. Use-case: natural person who is listed as authorised inside the registry of chamber of commerce to add or suspend car registrations inside the Netherlands vehicle authority registry. Problem is that recent query to chamber of commerce registry is currently required. This does not make the citizens self-sovereign and is against European once-and-only-once spirit. Warning: keep this use-case small, ensure viability, guard feasibility, and protect implementability. Exploration track: work with Rowdy credentials, test Jacobino EBSI code, and explore use-case by showing non-functional screens in superapp (obtain minimal viable happy flow).
Keep the thesis at highest scientific level: "Deploying pillars of trust: eIDAS2, Trustchain, IPv8, and EBSI" (repeated)
ToDo: the IEEE writing style pointers
Thesis goal: work towards 1 field trial of merely 1 hour working with your app. Make 1 grand photo, this becomes your master thesis final figure: it really happened. Graduate :balloon:
Met with Sharif, he showed his progress. His VC EBSI compliance is different than the Credential Issuance compliance which I would need. KVK should become a Trusted Issuer (have not looked too much into detail of this yet). Looking forward to his PR.
Want to create EBSI's first layer 2 network using IPv8, TrustChain and Rowdy's work (world's first legal backed layer 2 network?). Overview is given in Figure 1, and happyflow in Figure 2.
Figure 1:
Figure 2:
Currently busy with merging Rowdy's work regarding IPv8 and superapp to make the EBSI layer 2 possible. This will take some time, current progress here.
Preliminary answers to issues mentioned in previous meeting (performance analysis, deployment and thesis challenge):
Performance analysis:
Deployment evaluation:
Technical challenge solved:
Next sprint: Hopefully merge Rowdy's work and start EBSI credential issuance compliance.
Next sprint: Create and bind DID documents within superapp.
did:ebsi:zgbNBgEqAwNMYV1T9MtUmSk
The previously mentioned statements regarding rights and obligations are all true, but concern public law. In the eHerkenning, RDW, and Makro/Sligro use case the legal basis is private law (as it concerns machtigingen within a company). The previous wrong statements have been struck through. The correct notion of machtigen within a company is "power of attorney", in case this power is limited it becomes a "special power of attorney". As I want my work to be legally irrefutable, I found it useful to correct and explain this.
Next sprint:
Thereafter:
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License
Costs of KVK HR dataservice:
updated gif (now fake PoA is truly fake)
Wow, it took me minutes to understand how many pieces have come together this sprint. :1st_place_medal: Great Work Sir! Now into Wrapping up phase! Trying to understand broad scope of your thesis:
Next sprint fit the above into 8-10 IEEE 2-column master thesis format:
Can you give some advice for the future for us as a lab? What has long-term future? Empower citizens, give them control over their digital lives or help businesses with new digital government services, which are still immature. The Chamber of Commerce has 48 products (roughly), yet the inherent system complexity is limited. The digital transformation of this organisation is not yet as far as RDW? EBSI alternative for parts of expensive eHerkenning?
ToDo: what is your 1 year dream assignment {external phd???,LSP}?
Mashed my previous work survey_eidas_high_compliance (2).pdf and MSc_Erwin_Nieuwlaar (36).pdf into a few sentences. They are now included in the current document: MSc_final (53).pdf
Can you give some advice for the future for us as a lab?
- Remote identifying at eIDAS level of assurance (LoA) high is gold (potential to replace all physical service desks in the EU) (PhD level)
- Combining the above with a LoA high authentication to local private keys (secure element integration), creating a tamperproof protocol that incorporates: "something you know (PIN), something you have (Phone), something you are (Biometrics/something centralized)" including loss of 1 of these. This is a problem EDI will have to deal with and is not solved yet.
- EU reference wallet will soon be available, adding EU-wide Legal Entities to this wallet would be nice for TU Delft. Proving that brokers and QTSPs may not be needed in the new digital identity era. Alternatively, let a master student hack/exploit this wallet.
- KVK will most likely partake in 2 LSPs regarding EDI (POTENTIAL and EWC), an annual graduation project at the KVK is interesting to keep updated regarding EDI and the legal entity perspective thereof.
what is your 1 year dream assignment {external phd???,LSP}?
Do LSP at KVK. If turns out not challenging enough: add external PhD
Review of thesis draft:
Current idea for Performance Analysis:
APK: https://drive.google.com/file/d/1FNVI3ZXOEldXIoqtPJQe9fvTNJ8NWbW_/view?usp=sharing
Fig. 1. Current situation of organization representation
, this is engineering. Lacks scientific grandeur. The Joost Principle
making the trust of the governmental business registry portable. Power of Attorney is merely a legal thingie to make this happen.
Things that I think are left to do:
In this thesis
, keep neutral for possible arXiv upload: "we present"
will provide a mainly self-sovereign digital identity to its citizens
by 2025.
In this Chapter, we present the outcomes of implementing the Zero Trust Architecture for Legal Entities on top of TU Delft’s Decentralized Societal Infrastructure [56], further called the IDknip.
Our reference implementation focuses on creating a peer-to-peer protocol while integrating the Member State Chamber of Commerce Company Register of the Netherlands (KVK) to serve as the root of trust and the Makro as a verifier.
. too complex. With government assistance we conducted a pilot deployment of our prototype with live connectivity to the legal source of truth, the chamber of commerce. A commercial retailer acted as the verifier of the PoA with EBSI acting as the legal root-of-trust. Accomplishing a legally binding delegation that is cross-border, decentralized, verifiable, has revocation, and enables management of legal delegation of authority for all EU Member States in a matter of seconds instead of weeks.
We shorten legally binding delegation that is cross-border, decentralized, verifiable, and has revocation from a week-long process to mere seconds.
identity of users and entities
natural users and legal entities
Fig. 7. Flame Chart of retrieving PoA from the KVK
now comes after "Conclusions"
Problem Statement
t.b.d.
(starting today, but 10 ECTS left)