OMEGA-X is developing an identity manager based on self-sovereign identity aligned with GAIA-X Trust Framework and EIDAS.
The GAIA-X Trust Framework is based on the concept of Self-Sovereign Identity (SSI). The change of paradigm imposed by GAIA-X Trust Framework removes the necessity of central identity repositories. However, the necessity of trust among participants is still needed and this is where GAIA-X Trust Anchors come into play.
OMEGA-X is currently developing a Trust Anchor which is responsible for the issuance of Verifiable Credentials (VC) to the participants (holders). These VC issuers need to be registered into the Gaia-X Registry to be considered valid issuers of credentials inside the ecosystem. After the issuance of the credentials, the holders are responsible for securely managing these credentials.
Figure 1: GAIA-X Trust Anchor [2]
The by OMEGA-X proposed identity management solution seeks compatibility with both GAIA-X and IDS architectures. This compatibility between GAIA-X and IDSA reference architectures is possible thanks to the Certification Authority included in IDS. The OMEGA-X solution will issue certificates for IDS connectors and register the required information in the DAPS on the one hand, and on the other hand it will issue GAIA-X compatible Verifiable Credentials based on X509v3 certificates. This approach is aligned with the Data Spaces Business Alliance (DSBA). This organization is working actively in the convergence of the different existing European data spaces architectures and ecosystems. Regarding SSI Identity management, the proposal of the DSBA, described in their document “Technical Convergence. Discussion Document” [1], is to rely on identifiers already used in digital certificates for the issuance of Verifiable Credentials. Thus, it is possible to establish a bidirectional mechanism to derive DIDs (Decentralized Identifiers) from digital certificates. The adoption of this approach is fully aligned with the solution proposed by OMEGA-X for identity management.
In summary, the OMEGA-X Identity provider will contain a certification authority capable of issuing both, IDS and GAIA-X digital certificates based on X509 v3 digital certificates. In addition, it will also issue a Verifiable Credential taking identifiers from the issued certificate. This approach will foster interoperability with other data spaces allowing IDS based data spaces to onboard into the OMEGA-X GAIA-X based Energy Data Space.
References
| [1] | D. S. B. A. (DSBA), “Technical Convergence,” [Online]. Available: https://data-spaces-business-alliance.eu/wp-content/uploads/dlm_uploads/Data-Spaces-Business-Alliance-Technical-Convergence-V2.pdf. [Accessed 5 December 2023]. |
| [2] | GAIA-X, “Trust Framework,” [Online]. Available: https://gaia-x.gitlab.io/policy-rules-committee/trust-framework/trust_anchors/. [Accessed 5 December 2023]. |