Kuperberg, MichaelKlemens, RobinRoßnagel, HeikoSchunck, Christian H.Mödersheim, Sebastian2022-06-072022-06-072022978-3-88579-719-7https://dl.gi.de/handle/20.500.12116/38704Self-Sovereign Identity (SSI) is an approach based on asymmetric cryptography and on decentralized, user-controlled exchange of signed assertions. Most SSI implementations are not based on hierarchic certification schemas, but rather on the peer-to-peer and distributed “web of trust” without root or intermediate CAs. As SSI is a nascent technology, the adoption of vendor-independent SSI standards into existing software landscapes is at an early stage. Conventional enterprise-grade IAM implementations and cloud-based Identity Providers rely on widely established pre-SSI standards, and both will not be replaced by SSI offerings in the next few years. The contribution of this paper is an analysis of patterns and products to bridge unmodified pre-SSI applications and conventional IAM with SSI implementations. Our analysis covers 40+ SSI implementations and major authentication protocols such as OpenID Connect and LDAP.enSSISelf-Sovereign IdentityDIDDecentralized IdentifiersVCVerifiable CredentialsIAMIntegrationInteroperabilityProtocolOIDCOpenID ConnectOAuthSAMLLDAPX.509 Client CertificatesKerberosActive DirectoryADFSText/Conference Paper10.18420/OID2022_041617-5468