世界经济论坛-供应链区块链的包容性部署第2部分 - 可靠的数字身份验证（英文）-2019.4-29页.pdf

White PaperInclusive Deployment of Blockchain for Supply ChainsPart 2 Trustworthy verification of digital identitiesApril 2019World Economic Forum91-93 route de la CapiteCH-1223 Cologny/GenevaSwitzerlandTel.:+41(0)22 869 1212Fax:+41(0)22 786 2744Email:contactweforum.orgwww.weforum.org 2019 World Economic Forum.All rights reserved.No part of this publication may be reproduced or transmitted in any form or by any means,including photocopying and recording,or by any information storage and retrieval system.This white paper has been published by the World Economic Forum as a contribution to a project,insight area or interaction.The findings,interpretations and conclusions expressed herein are a re-sult of a collaborative process facilitated and endorsed by the World Economic Forum,but whose results do not necessarily represent the views of the World Economic Forum,nor the entirety of its Members,Partners or other stakeholders.3Inclusive Deployment of Blockchain for Supply Chains:Part 2 Trustworthy verification of digital identitiesPrefaceIntroductionTrustworthy identity verification in global supply chainsWhy this is important:the digital identity landscapeWhat is a digital identity?Choosing between three archetypes Centralized FederatedDecentralizedHow to determine the appropriate archetype Regulatory and legal considerationsDesigning identity systems for future supply chains Identity system principles for future supply chainsProposed digital identity model for future supply chainsTrust between governmentsTrust between business and governmentsTrust between businessesNext stepsAppendix 1:Workings of a decentralized identity modelVerifiable credentials in decentralized identitiesIdentifying a legal entityGlossaryContributorsEndnotes5677810101011131415151516192021222324252728Contents4Inclusive Deployment of Blockchain for Supply Chains:Part 2 Trustworthy verification of digital identities5Inclusive Deployment of Blockchain for Supply Chains:Part 2 Trustworthy verification of digital identitiesPrefaceSupply chains are becoming increasingly digital.A central requirement of these digital business networks is the ability to effectively make use of partners in a trustworthy way.As such,organizations need a comprehensive system for the verification and management of digital business identities that is both dynamic and trustworthy.Despite recent improvements in digital identity verification systems,they need further development to support the supply chains of the future.New demands on the digital identities of legal entities and possibilities for supply-chain organizations will likely be ushered in by the Fourth Industrial Revolution with shifts enabled by the internet of things(IoT),artificial intelligence(AI)and,in particular,distributed ledger technology.The pace of development is faster than ever before,and decision-makers need to re-evaluate the systems they have in place to manage digital identities.This paper advances two topics identified by the World Economic Forum:1.This is the second white paper in a series and part of a broader project focused on the co-creation of new tools and frameworks to shape the deployment of distributed ledger technology in supply chains towards interoperability,integrity and inclusivity.The World Economic Forums Centre for the Fourth Industrial Revolution is working with a multistakeholder group to produce a project that includes:A series of white papers published in 2019.Collectively and individually,these papers will offer insights into and explorations of specific considerations for decision-makers in harnessing blockchain technology effectively.A concise,easy-to-use toolkit to be released at the end of 2019 covering important topics for supply-chain decision-makers to consider for responsible blockchain deployment.2.It contributes to the ongoing development of understanding about and the deployment of“good digital identities”for the Fourth Industrial Revolution.As digital business interactions flow across borders in international supply chains,there will be many cases in which parties do not know each other before they conduct business together.It is our hope that the following overview of the opportunities,risks and some suggested next steps will stimulate stakeholders to embark on a new and exciting action agenda to build digital identity systems that are prepared for future supply chains.Derek OHalloran,Head,Future of Digital Economy and Society,Member of the Executive CommitteeManju George,Head of Platform Services and Public-Private CooperationNadia Hewett,Project Lead,Blockchain and Distributed Ledger Technology6Inclusive Deployment of Blockchain for Supply Chains:Part 2 Trustworthy verification of digital identitiesIntroductionDigital identity ensures integrity in connecting the physical and the digital world.In global digital supply-chain transactions,it is essential for a legal entity to prove its own identity and check those of other parties,each of which requires a unique,verifiable and authentic digital identity.While this paper can be read alone,it does not introduce basic blockchain concepts.This is covered by the first World Economic Forum white paper in this series for further reference see Inclusive Deployment of Blockchain for Supply Chains:Part 1 introduction,April 2019.The first white paper covers topics such as basic blockchain concepts,blockchain features that are attractive for supply-chain solutions and the findings on concerns that supply-chain actors have for the deployment of blockchain technology,including a concern over trustworthy digital identity management that gave rise to this paper.This white paper therefore explores considerations,proposed principles and recommendations for supply-chain organizations and governments in managing the growing complexity of the digital identities of legal entities involved in global trade.The paper investigates the possibilities enabled by a digital Global Trade Identity4(GTID)for legal entities participating in global supply chains.The intention is that GTID is used for any business interactions in global supply chains and enables any supply-chain partner to dynamically validate the trustworthiness of a legal entity with which it is about to engage in a business interaction.The paper suggests that a GTID is a prerequisite for efficient digitization of global supply chains and supports the digital eras increased focus on optimizing a businesss environment instead of organization-centric optimization.The emergence of decentralized identity systems is explored which holds a unique opportunity for global supply-chain organizations and governments to create GTID systems that cater for future supply-chain interactions.The paper also highlights that decentralized identity systems are not yet ready for general use due to business,regulatory and technology challenges,but both the public and private sector can already position themselves for future success.While blockchain is one type of distributed ledger technology,for simplicity,the terms are used interchangeably in this paper to cover all types of distributed ledger technologies.Other definitions pertaining to this paper can be found in the glossary.DecentralizationNew technologies and current advances in IT are providing new paradigms in understanding how organizations can collaborate without relying on a trusted intermediary and may bring transformative changes.Decentralized ledger technologies such as blockchain are transferring the authority,risk and reward of defining and enforcing system rules and record keeping from a central entity to a group of entities of which none has controlling power.1Transactions and their details are recorded in multiple places at the same time,without a central database or administrator.2Blockchain provides“trust”between and among unknown parties to transact business and exchange information without an intermediary,while ensuring data integrity and providing a full audit trail.3Trust mattersThe technology underpinning the GTID is the foundation for enabling the dynamic validation of trust globally,but there are many other non-technical considerations that contribute to the trustworthiness of an entity,including procedures for issuing and proofing identities,how IT systems are secured,how companies are managed,company ethics/cultures etc.These factors are outside the scope of this paper.7Inclusive Deployment of Blockchain for Supply Chains:Part 2 Trustworthy verification of digital identitiesTrustworthy identity verification in global supply chainsGlobal supply chains span national borders and involve businesses from different industries;actors need to work collaboratively to optimize the flow of physical goods,information and financial transactions.Identity and trust assurance lie at the core of each of these interactions.Supply-chain organizations need to know and trust each partner they are engaging with,prior to offering digital services or access to resources.Organizations need to ensure they are dealing with the right entity and efficiently link a digital identity and a real organization,and more importantly evaluate the trustworthiness of a legal entity of interest.This process of dynamically verifying counterparts digital identity management and verification is a critical step in establishing trust and assurance for organizations participating in digital supply-chain transactions.Why this is important:the digital identity landscapeTo prepare your organizations supply chain for the complexities of an increasingly digital world and the adoption of emerging technologies such as blockchain,this paper encourages governments,organizations and the supply-chain industry to review the possibilities for new emerging technologies and a digital GTID.The current state of identity management consists of inefficient manual processes that could benefit from new technologies and architecture to support digital growth.As the number of digital services,transactions and entities grows,it will be increasingly important to ensure that transactions take place in a secure and trusted network in which each entity can be dynamically identified and authenticated.5Today,most identity systems exist in isolation.Different public and private solutions record and maintain identical identity data potentially hundreds of times over,and are not interoperable,creating a significant amount of redundant identity information.This is a waste of resources for the network in question,is difficult to scale and is buried in error-prone and paper-heavy processes.6Figure 1:Identity management that is isolated today is moving towards becoming decentralized tomorrow7Certificate of Incorp.Entity type AddressOperating licencesPermitsSignificant holdings ENTITYCertificate of incorp.Entity type AddressOperating licencesPermitsSignificant holdings ENTITYCertificate of incorp.Entity type AddressOperating licencesPermitsSignificant holdings ENTITYCertificate of incorp.Entity type AddressOperating licencesPermitsSignificant holdings ENTITYCertificate of incorp.Entity type AddressOperating licencesPermitsSignificant holdings ENTITYCertificate of incorp.Entity type AddressOperating licencesPermitsSignificant holdings ENTITYCertificate of incorp.Entity type AddressOperating licencesPermitsSignificant holdings ENTITYCertificate of incorp.Entity type AddressOperating licencesPermitsSignificant holdings ENTITYCertificate of incorp.Entity type AddressOperating licencesPermitsSignificant holdings ENTITYCertificate of incorp.Entity type AddressOperating licencesPermitsSignificant holdings ENTITYToday DIGITALIDENTITYTRUCKPLANE PORTCUSTOMS INSURANCEBANK/TRADE FINANCE BENEFICIAL CARGO OWNER PLANT OCEAN LINERWAREHOUSEENTITYTomorrow8Inclusive Deployment of Blockchain for Supply Chains:Part 2 Trustworthy verification of digital identitiesAlso,the case for robust and scalable GTID becomes clear when considering the advance of Fourth Industrial Revolution technologies.As technologies such as blockchain,internet of things(IoT)and artificial intelligence(AI)advance supply chains,the systems by which organizations verify identity should also do so.For example,the capabilities of blockchain mean that some future supply-chain transactions and business processes might be handled by autonomous software agents(ASA)and IoT,dynamically interacting with various parties on behalf of legal entities,so placing greater emphasis on seamless verification of identities.The digital-business era requires enterprises to rethink many aspects of their business models.Several enterprises in global supply chains have moved their digitalization focus outwards towards the business networks of which they are part.A GTID should enable identity verification that can be more efficient,scalable and sustainable and therefore support digital optimization of business networks.With the adoption of emerging decentralization identity technologies a nascent technology looked at in more detail later in the paper there is the potential for a technology that supports a GTID without giving power to a centralized administrator.Trustworthy digital identities of legal entities are a topic on the agenda across international trade organizations and governments,including:The Belgium,Danish,Azerbaijani governments and local governments such as the Government of British Columbia and Ontario,as well as the European Unions eIDAS initiative The United Nations(e.g.United Nations Economic and Social Commission for Asia and the Pacific ESCAP and United Nations Commission on International Trade Law UNCITRAL),and the World Economic Forum public and private collaboration on advancing good,user-centric digital identities Private organizations such as Alastria,which focuses on Spanish-speaking countriesWhat is a digital identity?Digital identity is a unique representation of a legal entity engaged in an online transaction.8 It enables remote interactions and trust between entities by providing vital information about the entity,ensuring that it exists in the real world.9In this paper we use the term proof of existence to cover any electronic information that can document that an entity is a legal entity under a specific jurisdiction.Digital identity tools can be used for other purposes,such as for authorization and providing information(e.g.export licences or C-TPAT certification)beyond simply authenticating a legal entitys identity.10 This paper focuses on digital business-to-business(B2B),business-to-government(B2G)and government-to-government(G2G)interactions,and therefore does not cover individual or citizen-to-citizen relations and digital identity considerations,requirements and solutions.We will briefly cover the employee-to-business relationship,but the papers focus is on legal entities.Proof of existence In the identity context,a“proof of existence”,in its simplest form,is a way to prove that an entity exists.In this paper,“proof of existence”covers any el