As part of the Charter Innovation Challenge, I created a prototype Blockchain Identity, a form of decentralized identity (DID). The DID provided authentication and authorization, but the resource protected was called the Personal Data Store (PDS). The PDS can house any type of data, stored in a DVR set top box. The prototype intended to allow users to share their data with other parties, letting others “subscribe” to the data. The Innovation panel asked us to build the use case around medical data, envisioning a future where customer would store all kinds of data including EHRs, fitness data, and so on. This data could then be securely shared with Care Providers, using FHIR as the mechanism.
Personal Digital Identity
Overview
Personal Digital Identity (PDI) aims to revolutionize how individuals control and manage their personal data. By providing a secure, decentralized system, PDI empowers users to maintain sovereignty over their digital identities and information.
Genesis
The concept of PDI draws inspiration from both science fiction and technological advancements. Influenced by "Black Mirror" and David Siegel's "Pull: The Power of the Semantic Web," the idea envisions a personal data locker that securely stores and manages all user information, from personal preferences to health records.
Current Identity Ecosystem
Today's identity ecosystem is fragmented and insecure, leading to inefficiencies and risks:
- Sensitive data is scattered across various identity providers.
- Non-standard security and privacy policies.
- Multiple passwords and accounts increase vulnerability.
- Single points of failure and attacks.
- Users lack control, transparency, trust, and security.
PDI Vision
PDI aims to address these issues by:
- Personal Data Store (PDS): A secure repository for all user data, encrypted with the user's private key. It will provide an intuitive dropbox-like experience and feature data detection for automatic organization【6†source】.
- Decentralized Identity (DID): A self-sovereign identity system that allows users to control and permission access to their data without intermediaries. It ensures selective sharing of information and provides a secure mechanism for personal data storage.
Key Features
- Data Ingest: PDS will support data integration via an API, enabling data from smart devices and mobile applications to be securely ingested and organized.
- Data Sharing: Users can share data with third parties using virtual identities and blockchain-based identifiers, ensuring privacy and control.
- Smart Assistant: Leveraging a robust rules engine and machine learning models, the PDS can act as a smart assistant, providing advanced functionalities and personalized experiences【6†source】.
- Dashboard: A unified interface for users to manage their PDS, featuring secure access through keys and potential biometric authentication.
Use Cases
- Healthcare: Secure sharing of medical records and health information with healthcare providers, ensuring privacy and accurate data exchange.
- Financial Services: Controlled sharing of financial information with banks and financial institutions, reducing the risk of data breaches.
- E-commerce: Secure transactions and personalized shopping experiences without compromising user privacy.
Technical Implementation
- Key Generation: Utilizes elliptic curve cryptography for secure and efficient key generation, compatible with blockchain algorithms like Ethereum's secp256k1.
- JWT Flow: Ensures secure and verified interactions with third parties by leveraging JSON Web Tokens and blockchain verification.
- Blockchain Integration: Employs blockchain technology for immutable and secure data storage, providing provenance and control over personal data.
Future Directions
The PDI project aims to continuously evolve, addressing emerging challenges and integrating new technologies to enhance user control and security. The vision includes widespread adoption of decentralized identities and personal data stores, ultimately creating a more secure and user-centric digital ecosystem.
By leveraging cutting-edge technologies and a user-first approach, PDI sets the foundation for a future where individuals have complete control over their digital identities and personal data.
Videos