A shared responsibility model to support cross border and cross organizational federation on top of decentralized and self-sovereign identity: Architecture and first PoC

Kubach, MichaelHenderson, IsaacBithin, AlangotDimitrakos, TheoVargas, JuanWinterstetter, MatthiasKrontiris, IoannisRoßnagel, HeikoSchunck, Christian H.Günther, Jochen2023-06-052023-06-052023978-3-88579-729-6https://dl.gi.de/handle/20.500.12116/41696This paper discusses the challenges of transitioning from legacy federated identity systems to emerging decentralized identity technologies based on self-sovereign identities (SSI) and verifiable credentials, which are being used in initiatives such as Gaia-X and Catena-X for secure and sovereign data sharing. The adoption of SSI and decentralized identity technologies requires a standardized reference model that addresses challenges around trust in cross-border and crossorganizational federations based on decentralized identities. To facilitate this transition, the paper proposes a new Fed2SSI architecture that introduces a middle layer of abstraction for the policybased transformation of credentials, enabling interoperability between legacy federated identity solutions and SSI/decentralized identity environments. The architecture is implemented in a prototype and an exemplary use case is presented to illustrate the added value of this approach.enself-sovereign identityssidecentralized identitydata spacesgaia-xverifiable credentialstrust infrastructuretrust policyfederated identity.A shared responsibility model to support cross border and cross organizational federation on top of decentralized and self-sovereign identity: Architecture and first PoCText/Conference Paper10.18420/OID2023_081617-5468