Microsoft Unveils ION Version 1 for Decentralized Identities

Microsoft last week announced that its open source Identity Overlay Network (ION) decentralized identifier (DID) solution has advanced to version 1.

ION, based on the Sidetree DID network protocol fostered by the Decentralized Identity Foundation, was at the beta stage back in June and first emerged as an early preview in 2019. It's one of the components aiming to give control over identities credentials back to the people or organizations that established those identities.

ION uses the Bitcoin blockchain electronic ledger technology to isolate the credentials information. The idea is that a user creates an identity and no other party has control over that ledger entry. Such a scheme possibly may enhance privacy protections. It could avoid the fallout when organizational security breaches occur, exposing credentials information.

Here's the Decentralized Identity Foundation's definition of ION:

ION is a Layer 2 open, permissionless network based on the purely deterministic Sidetree protocol, which requires no special tokens, trusted validators, or additional consensus mechanisms; the linear progression of Bitcoin's timechain is all that's required for its operation.

Microsoft encourages the deployment of ION nodes by parties as "the more nodes in operation, the stronger the network becomes." For its part, Microsoft has "deployed an ION node to our production infrastructure and are working together with other companies and organizations to do so as well."

It's possible to run a version of ION for Docker containers or it can be natively installed on machines. Microsoft is currently working on a dashboard to help operators monitor ION nodes, but it's unclear when that monitoring capability will appear.

Some other Microsoft ION efforts underway include adding a "light node configuration" to support low-resource devices, adding type tags for tagging DIDs as IoT devices and adding a querying capability to search ION's directory based on DID type.

ION version 1 is still considered to be at an early phase in enabling DIDs.

On top of ION, Microsoft has worked on other components that are conceived as enabling decentralized identities. The Microsoft Authenticator App could be used by end users to prove their identities in conjunction with a fingerprint scan, for instance. Microsoft also published a Verifiable Credential software development kit for use with Azure services. Verifiable Credentials are a World Wide Web Consortium recommendation. Microsoft also developed technology called "Identity Hubs," which is used for encrypted personal data storage. It was added to a Secure Data Storage standards effort.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


comments powered by Disqus

Subscribe on YouTube