title: Self-sovereign Identity as Trusted Root in Knowledge Based Systems
authors: Kulabukhova, Nataliia
date: 2020-08-20
journal: Computational Science and Its Applications - ICCSA 2020
DOI: 10.1007/978-3-030-58808-3_2

In this paper we continue to discuss the concept of Self-Sovereign Identity (SSI), but not for IoT devices as in previous work [1]. The main purpose of this research is the use of digital identity in two cases: a) SSI of a single person in the knowledge-based system “Experts Ledger” and b) SSI of a company and a candidate in HR matching systems. Although these two systems were developed for different purposes, the idea of SSI in both is similar. An overview of these systems is given, and the pros and cons of using SSI together with Zero-Knowledge Proof (ZKP) in each of them are discussed.

Self-Sovereign Identity (SSI) has become very popular over the last two to three years because of the growing interest in blockchain technologies, although the idea existed before distributed ledgers appeared. It is therefore more correct to divide SSI concepts into blockchain and non-blockchain ones. In this paper we focus on SSI using distributed ledger technologies, because the main obstacle for the non-blockchain approach was the use of a centralized root. The progress of distributed ledgers solved this problem: the distributed ledger plays the role of a distributed trust root, excluding the possibility of falsifying data about a digital identity and its capabilities in the digital world.

The works [2] [3] [4] survey the rules on which SSI must be based. According to these papers, the main properties of SSI are: Existence, Control, Access, Transparency, Persistence, Portability, Interoperability, Consent, Minimalization, Protection, Provable.
All of these are very important for SSI applications. The overview of existing applications [5] (though some of them are only descriptions of a concept) showed that it is very difficult to follow all these rules at once. In addition, a very interesting assumption was made in [6] about the dependence on the type of blockchain: permissionless or permissioned. This makes the development of SSI-based applications a very demanding task, and it is the main reason why no widely used and fully developed open-source application exists yet. Despite the problems mentioned, the concept of a verified digital identity of a single person, a company or even an IoT device, connected with each other in an environment such as a knowledge-based system, is state of the art and is becoming really necessary in today's digital world.

In this work the idea of using SSI with ZKP inside two different knowledge-based systems is described. First an overview of "Experts Ledger" is given; the other system is being developed for HR purposes. These two are only examples of such systems; the list is not limited to them. The discussion below will show that the idea is more general.

The main goal of the system "Experts Ledger" is to create an intellectual knowledge base about researchers in various fields of science, with the ability to rank and compare experts by different relevant criteria. The system also allows the user to browse information about researchers and their scientific and expert works. Based on all the accumulated information, the system allows you to build a block of analytic data about researchers and their work.

Types of work presented in the system are the following:

According to this information the system has the following features:
1. Flexible full-text search for people and their works (grants, contracts, articles, expertise);
2. Loading (adding) and uploading data about experts;
3. Graph representation (mapping expert relationships);
4. Analytics based on information available in the database.

The general scheme of system interaction is shown in Fig. 1. The system allows you to load data from several interconnected databases. After comparing and analyzing the data, the system forms its internal database, which is then used for work. In addition to uploading data from external databases, the system also allows external files uploaded by system users to be added to the database. The user communicates with the system via the web interface. The system then processes the user's requests and interacts with the database, which stores all the information.

The general scheme of the database structure of the system is shown in Fig. 2. The information is uploaded from different databases and the received data is preprocessed. After that, the database of the knowledge-based system is formed and relationships are built. Updating occurs by adding new information to the existing database, while preserving all dependencies and ratings that were made before. This prevents the possibility of losing data. All new relationships are built on top of the previous update iteration rather than constructed from scratch. This is very important for SSI, because it avoids reconstructing the Decentralized Identifiers (DIDs) for each entity of the system.

The database is updated 2 times a week. The system also displays the database update date, so that search data is shown correctly as of the date of the database upload. Since syncing with the Base1 and Base2 databases and then updating the existing database in the system takes several hours, it is not reasonable to update the data more frequently.

The technology stack for backend development includes the following components (the license types under which the software is distributed are given):

A distributed ledger can be used in this system in two ways:
1. as a record of transparency of operations performed in the system (logging information about user actions);
2. anonymization of the expert (confirmation of the reliability of the assessment of expert activity without disclosing private information about the expert).

In this paper we will discuss the second case in more depth, though the first is also very interesting to research. In this case, experts are defined as researchers who carry out expert activities in a specific subject area. By evaluating the work of an expert, we mean confirming the expert's skills by specialists. Specialists can be other users of the system who have permission to issue an expert assessment. There are two ways to evaluate the expert's work in the system:
1. Add a comment in the "expert profile";
2. Add a report on the conducted expertise with the results of the expert activity assessment.

How all this works in the concept of SSI and ZKP will be shown in Sect. 4.

Neety is an HR platform whose main purpose is to help employers and job applicants match each other in an easy, lightweight way. Obviously, currently available applications for hiring employees do not perform the task as desired. The main idea of the solution described here is to create a service that allows the user to quickly and objectively find an employer or applicant in accordance with the criteria specified in the resume/vacancy. The goal of development is convenience and reliability in finding employees on the one hand, and work on the other.

The problems of existing HR systems:
1. Job descriptions do not reflect the essence of what you have to work on;
2. There is a lot of superfluous information in job descriptions, but the necessary information is missing;
3. Description summary is too long and unreadable;
4. Criteria for searching for employees and vacancies do not allow you to filter out the right people or companies;
5. The structure of the summary and vacancies does not solve your problem.
Thus, the developed solution should reduce the amount of unnecessary information that hinders both the applicant and the employer when searching. To do this, the system has a built-in matching algorithm based on three main steps:
1. Morphological correspondence;
2. Matching via tags;
3. Neural network.

As you can see, this is a standard approach to natural language processing. The main feature is the method of filling out the questionnaire, which allows you to improve the output of results already at the stage of text processing by the neural network. The main factors of influence on the results are:
- The relevance of the main skill;
- Relevance for the rest of the skills, taking into account prioritization;
- Relevance for the money (no money → to the end of the issue);
- Rating.

This algorithm will be discussed in more detail in the next article, because the subject of this article is SSI.

The technologies we use in this case are practically the same as in "Experts Ledger"; they are listed in Sect. 2.3 and shown in Fig. 4. In this case, the distributed ledger will act mainly as a decentralized trusted root, and ZKP is used to evaluate the entities inside the system, based on trusted, protected voting. Figure 5 shows the idea that using Decentralized Identifiers based on the blockchain will protect the system from unverified users.

In the case of HR mechanisms, the ZKP concept, as mentioned before, will work generally as voting. Factors influencing the rating:
- no confirmation: neutral (zero points added);
- there is a confirmation: plus one point;
- there is a probability that the data does not correspond to reality: minus one point.

Both systems discussed above are based on working with verified data from both users and organizations. In the case of the first system, we refer only to the reliability of the researchers' data contained in the system.
In the second case, both the data of the individual submitting their resume for a job and the data of the organization (firm) that placed the vacancy are important. Let's look at these two cases separately first, and then look at their similarities and differences.

In the first system, when we talk about researchers and their skills and competencies, at the beginning we rely only on information collected from various databases. This information can be either documented (we will call it verified information) or "written from words" (we will call it unverified information). When we talk about the SSI concept, we mean precisely the confirmation of this unverified information. To do this, the system introduces the concept of "Expert evaluation". Let's explain what is meant by this concept with an example. One of the researchers has information that he is an expert in the field of archaeology, but there is no information in our database about articles, projects and other documents in this field of research. In this case, this is unverified information. In order to confirm or deny it, the system introduced the concept of an "expert". An expert is a Trustee with the right to issue an expert assessment in a particular area.

In this case, the concept of SSI will apply both to the researcher whose information is not verified at the initial stage, and to the Expert who confirms this information. For a complete digital identity of the researcher, it is very important that all information is fully confirmed. To do this, the Expert must also have a fully trusted digital identity. In the context of decentralized identifiers (DIDs), this means that the Expert has the right to rate the researcher. To do this, the Expert must have a DID for rating in the relevant field, in our example archaeology.
If the Expert has a DID for grading in mathematics, physics, or philosophy, but not in archaeology, the system will not allow the Expert to evaluate the researcher's activities in the field of archaeology.

In the case of the second system, two aspects are also important to us. The first is the confirmed data of the organization that posts vacancies. This avoids "fake" vacancies in the system and false triggering of the algorithm. In this case, SSI no longer works for one person, but for the entire organization. On the other hand, the more applicants also have SSI, the more reliable the information on the other side of the matching algorithm. Ideally, you can consider sending certain decentralized IDs to confirm your skills rather than filling out your competencies and creating a resume. However, this is still not possible in the near future, and it negates the operation of the matching algorithm.

First of all, it should be said that the Zero-Knowledge Proof (ZKP) concept, like SSI, existed and was used before the widespread usage of blockchain technology began. Its essence is that an individual can confirm that he or she has the right to perform some action without revealing any information about him- or herself or about who granted the right to perform this action. This principle was widely used in the development of the distributed ledger Bitcoin. There it evolved from ZeroCash [16] first to Zcash [17], after which it transformed into the independent methods of zk-SNARKs [18] and zk-STARKs [19]. The comparison of SNARKs and STARKs is given in Table 1. Currently, these principles are mainly used to track the correct distribution of coins when making transactions in a distributed system.

In the "Experts Ledger" and "Neety" systems described above, the ZKP ideology is applied not only to distributed voting, but also to trustful interaction between the system participants. Let's look at this in more detail.
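The domain-scoped rating right and the three rating factors described above, as an added example that is not code from the paper or from either project: a rating credential binds an expert DID to one domain, and only assessments backed by a valid credential in the claim's domain are counted. The function names, the did:example identifiers and the HMAC tag standing in for a ledger-anchored signature are assumptions.

```python
import hashlib
import hmac
import json

# Constructed key standing in for the trusted root's signing key (assumption:
# a ledger-based system would use an asymmetric signature, not an HMAC).
ROOT_KEY = b"constructed-demo-root-key"
# The three rating factors listed in the text.
POINTS = {"confirmed": 1, "no_confirmation": 0, "disputed": -1}


def _tag(did: str, domain: str) -> str:
    payload = json.dumps([did, domain]).encode()  # unambiguous encoding
    return hmac.new(ROOT_KEY, payload, hashlib.sha256).hexdigest()


def issue_rating_credential(did: str, domain: str) -> dict:
    """Root grants `did` the right to rate in exactly one domain."""
    return {"did": did, "domain": domain, "tag": _tag(did, domain)}


def accept_assessment(cred: dict, claim_domain: str, verdict: str) -> int:
    """Return the points for one assessment or raise PermissionError."""
    expected = _tag(cred["did"], cred["domain"])
    if not hmac.compare_digest(expected.encode(), cred["tag"].encode()):
        raise PermissionError("credential was not issued by the root")
    if cred["domain"] != claim_domain:
        raise PermissionError(f"no rating right for {claim_domain}")
    return POINTS[verdict]


def rate_claim(claim_domain: str, assessments: list) -> tuple:
    """Sum points from authorized experts; return (score, rejected DIDs)."""
    score, rejected = 0, []
    for cred, verdict in assessments:
        try:
            score += accept_assessment(cred, claim_domain, verdict)
        except PermissionError:
            rejected.append(cred["did"])
    return score, rejected


def demo() -> tuple:
    # Constructed sample: a researcher's archaeology claim and five raters.
    creds = [issue_rating_credential(f"did:example:expert{i}", d) for i, d in
             enumerate(["archaeology"] * 3 + ["mathematics", "physics"], 1)]
    creds[4] = dict(creds[4], domain="archaeology")  # edited after issuance
    verdicts = ["confirmed", "confirmed", "disputed", "confirmed", "confirmed"]
    return rate_claim("archaeology", list(zip(creds, verdicts)))
```

The mathematics credential and the credential whose domain was edited after issuance contribute nothing to the score, so a rater cannot extend a rating right to a field it was not issued for.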
In this case, in both systems, we can use not only the SSI concept, but also the ZKP concept. When we talk about setting an expert rating for a researcher in the "Experts Ledger" system, and when the rating of the applicant and the organization is calculated, it is important to correctly calculate the points assigned to all objects participating in both systems. It is important to maintain the reliability and independence of this rating. Therefore, it was decided to perform this calculation based on blockchain technology and the ZKP concept. The main feature of these tools is that they allow the current user to be sure that this rating cannot be forged or changed in anyone's favor. Thus, we get an independent variable rating of all objects in both systems, which on the one hand is based on the opinions of specific people, but on the other hand is independent and devoid of subjectivity.

Although everything described above has a strong mathematical background, there are still some questions about the security and usability of SSI applications themselves and of those with ZKP as well. Despite this, we are planning to integrate the technologies of the ZKP concept in future work on the projects. The existence of another ZKP application, Bulletproofs [20], should solve some of the problems of SNARKs and STARKs. The future development of the project will be aimed at researching and implementing this technology.

References
Zero-knowledge proof in self-sovereign identity
Self-Sovereign Identity Solutions: The Necessity of Blockchain Technology
Deployment of a Blockchain-Based Self-Sovereign Identity
The Laws of Identity
Self-Sovereign Identity for IoT Devices
A note on efficient zero-knowledge proofs and arguments
Zerocash: Decentralized Anonymous Payments from Bitcoin
Transparent SNARKs from DARK Compilers
Scalable, transparent, and post-quantum secure computational integrity
Bulletproofs: Short Proofs for Confidential Transactions and More

Acknowledgment.
The author would like to thank the whole team of the project "Experts Ledger": Oleg Jakushkin, Vladimir Korkhov, Artem Shurov, Ivan Marakhovskiy, Alexander Voskresenskiy. The author would like to express gratitude to Evgeniy Abramenko for the opportunity to work with the Neety project.