Michael Ruminer
3 min readJan 30, 2024

Thoughts on Self-Sovereign Identity: A Systematic Review, Mapping and Taxonomy

An small image of a graph with lots of nodes and edges. Too small of an image for a large graph to be able to read any of the nodes

I ran across a paper named Self-Sovereign Identity: A Systematic Review, Mapping and Taxonomy. It was published mid-2022 so it is not the most up to date for the topic but it is very interesting and still of high value. It’s a meta-study of four research questions about self-sovereign identity.

  • RQ-1: What Practical Problems Have Been Introduced and Solved?
  • RQ-2: What Properties, Formal Definitions and Cryptographic Tools Have Been Used?
  • RQ-3: What Conceptual Ideas Have Been Introduced or Refuted?
  • RQ-4: When, Where, and by Whom Were SSI Studies Published?

It spends a lot of text before the research questions on how it built the study objectively, criteria for the data, and criteria for the inclusion of the other research papers. Though interesting, it was not what compelled me in the paper. As you might imagine, it was the red meat of the paper, the research questions, that I really found most interesting.

You’ll find in the research question sections that it does a nice inventory of various papers and a description of what they cover. I found RQ-1 to be the most interesting as it covers a lot of verifiable credentials and verifiable presentation topics.

Of RQ-1 I found section 6.2 to be of special interest. It covers:

The operational facet is divided into two facets: VC and VP.
They are a collection of concepts related to the functional aspects
of verifiable credentials and verifiable presentations.

And includes:

  • Revocation
  • Decentralized Identifiers
  • Issuer Authorization
  • Delegation
  • Backup and Recovery

RQ-3 is a short section and starts with an interesting statement that is probably less true today than when written but still holds a lot of truth.

...that there is currently no agreement on a definition of SSI... 
Our third research question is answered by an examination of
the literature’s debates on the SSI definition.

Though I appreciate RQ-4 and it makes sense in the context of the paper, I found the least value in its presentation. It did remind me of a relationship graph I created a number of years back except that my graph was on the relationship of the specifications at the time. The header image of this post is a small rendering of that graph. You can find the useful version at Verifiable Credentials Specification Map. Reader beware that the specification map I list was last updated late May of 2021 so it is not an accurate source of the state of specifications for today though many of the relationships it does show are likely valid. This is really a topic for a different day.

All in all, despite the relative age of the paper, the other papers it refers to are often still valid today in their intent and basic questions, agreements, and refutations. I think it is well worth your time to look at the research questions portions if interested in self-sovereign identity (a phrase that seems to be moving more so out of popular use) and verifiable credentials.

Michael Ruminer

My most recent posts are on AI, especially from the perspective of a, currently, non-AI tech worker. did:web:manicprogrammer.github.io