SSI Orbit Podcast

by | Nov 17, 2023

Secure Organizational Identity (with Lance Byrd)


🎧   Listen to this Episode On Spotify   🎧
🎧   Listen to this Episode On Apple Podcasts   🎧

 

About Podcast Episode

We often think about our personal identities when we think of verifiable identifiers and verifiable credentials. We think of things like personal credentials, mobile driver’s licenses, or professional accreditations. But what about using the same tools and principles when it comes to managing the identity of an organization? How do the same tools and principles apply when managing the identity of an organization? Is it easier or more challenging to implement these concepts for organizational identities compared to personal ones? And importantly, what are the implications and impacts of effectively managing organizational identity?

In this podcast conversation with Lance Byrd, we delve into these questions, exploring the nuances and potential of organizational identity in the digital age.

Lance has been closely involved with the Global Legal Entity Identifier Foundation (GLEIF), an initiative born out of the 2008 financial crisis. GLEIF’s primary mission is to foster a transparent global system for identifying legal entities, known as the Legal Entity Identifier (LEI). This system is crucial for enhancing transparency in organizational identities, which is essential for effective regulation and risk assessment. More recently, GLEIF has focused on expanding the LEI’s utility by transforming it into a verifiable credential, termed the vLEI. This discussion with Lance taps into various use cases, frameworks, and insights from GLEIF, providing a deeper understanding of the complexities and significance of organisational identity.

In our conversation, I was particularly intrigued by Lance’s insights on the contrast between administrative and cryptographic trust. Administrative roots of trust, which are widespread in our daily lives, often lead to persistent cybersecurity challenges. Lance elaborated on how cryptographic roots of trust offer more secure and dependable methods for identity verification. We delved into real-world scenarios, including the recent MGM/Okta cyberattack, to illustrate these concepts.

This discussion was enlightening, and it felt like we could easily spend many more hours exploring this topic. There might be more on this in 2024! I hope you find this podcast episode as engaging and informative as I did.

The full list of topics discussed between Lance and I in this podcast include:

  1. Differences Between Personal and Organizational Identity: We explored the unique challenges and political concerns surrounding personal identity, contrasting them with the complexities yet seemingly smoother processes in organizational identity.
  2. Legal and Privacy Concerns in Identity Management: The discussion highlighted how legal structures and privacy concerns shape the management of both personal and organizational identities, with a special focus on GDPR and its implications.
  3. Governance and Trust in Organizational Identity: The conversation shifted to the role of governance and trust in shaping organizational identity, using examples like the EU Banking Authority to illustrate these concepts.
  4. Integrity of Signatures and Cybersecurity: We discussed the critical importance of signature integrity in preventing cybersecurity attacks, examining recent incidents like the MGM Okta attack.
  5. Security Mechanisms and Key Rotation: The podcast touched upon the importance of security mechanisms like key rotation in enhancing digital security, differentiating it from traditional password changes.
  6. The Interplay of Security Features and User Experience: We delved into how user experience and design play a crucial role in the adoption of security technologies, balancing ease of use with robust security measures.
  7. Differences in UX Between Consumer and Organizational Contexts: The discussion concluded with an examination of the varying approaches to user experience in consumer versus organizational settings, and the challenges in changing consumer behaviour regarding privacy and security.

 

About Guests

Lance Byrd is a secure organizational identity developer at GLEIF and co-founder of RootsID. He has been working on secure global scale data systems for over 20 years. He is helping to build the verifiable Legal Entity Identifier (vLEI) ecosystem to facilitate trusted interactions between legal entities around the globe. He is the co-chair of the Trust over IP (ToIP) did:webs task force which is an effort to secure did:web and bridge the DID-based ecosystem with the vLEI ecosystem. He participates in many open source and specification efforts with Trust over IP, KERI, Decentralized Identity Foundation, Hyperledger, and W3C. And, has given public talks on SSI, KERI, the vLEI ecosystem, identity wallets, DIDComm, and more.

Where to find Lance?

➡️ LinkedIn: https://www.linkedin.com/in/2byrds/

➡️ X: https://twitter.com/LanceRootsID

Related Episodes

Want to Be a Guest?

Come Onto the Show

Stay Connected to Get The Latest Podcast Alerts

Introducing our groundbreaking Trust Registry platform

The ultimate solution for forging resilient trust ecosystems in today's digital landscape.

Trust Registry

Products

 

Orbit Enterprise

Establish your own trusted digital interactions ecosystem with your customers, partners and suppliers

Orbit Edge Wallet

Hold and manage issued verifiable credentials securely and in a privacy-preserving way

Orbit Trust Registry

Empower your organization to establish credibility, verify identities, and foster secure interactions with confidence and ease.

Updates

 

Product Updates

Solutions

 

Verified Person

Receive a verifiable credential from Northern Block

OpenID4VC

Try our new OpenID4VC demo

Energy and Mines Digital Trust

Organizational Wallet and Credentials

Receive, store and exchange organizational credentials within your ecosystem

 

 

 

OpenID4VC Demo

Exchange verifiable credentials over OpenID4VCI and OpenID4VP.

 

Resources

 

SSI Orbit Podcast

Self-sovereign Identity, Decentralization and Digital Trust

Blog

Insights and News from the Forefront of Self-sovereign Identity

Latest Content