Using Hyperledger for Blockchain Identity Management

The complexity of modern business networks raises some troubling issues for managing user identities and access. Many networks that were once accessible only by internal users are now based in the cloud and open to third-party collaboration with vendors, suppliers and partners.


Implementing access controls is a daunting and complex task in an environment where identities are widely disseminated and may include a combination of individuals, devices and applications. In the recent past, frameworks built on blockchain technology have appeared as potential solutions to the challenges of deploying IAM strategies and handling credential authorization in these environments, and they are now coming to the forefront as viable options for large organizations.

The Hyperledger project is one such solution. It offers several promising features for enterprise-level businesses in need of powerful IAM tools with granular user access and data privacy controls.

What is Hyperledger?

Hyperledger is an open-source blockchain project from the Linux Foundation that promotes development of blockchain technology and frameworks to solve various problems across industries. The community surrounding the project includes companies, software developers and academic institutions and is open for more members to join as it expands.

Hyperledger projects fall into three categories: distributed ledgers, libraries and tools. Distributed ledgers are the most useful to businesses seeking to harness the power of blockchain technology. In this category, Hyperledger offers six solutions:

• Besu
• Burrow
• Fabric
• Indy
• Iroha
• Sawtooth

For addressing data security and IAM issues at the enterprise level, Fabric and Indy provide the most relevant platforms and tools.

According to the Hyperledger website, Fabric allows for straightforward plug-and-play distributed ledger creation and delivers enterprise-grade technology to support the privacy of both identities and data. Blockchains using Hyperledger Fabric are permissioned, which creates an inherently higher level of security than permissionless blockchains can offer. Indy is specifically for enabling secure decentralized management for identities based on blockchain and other distributed ledgers.

Hyperledger is not a company in and of itself, nor does it support any kind of cryptocurrency. Its goal is mainly to focus on technology in a community setting for the creation of new frameworks that allow users to make the most of blockchain technology.

How does Hyperledger work for identity management?

Hyperledger enables identity and user management across enterprise networks. Access control lists introduce more granular permissions to improve privacy and reduce breach risk.

The Fabric framework from IBM serves as the basis for modular blockchain-based solutions. Multiple permission levels may be set for different enterprises, business partners and individuals using the blockchain, making it possible to shield data from unauthorized parties while maintaining flexibility and open communication where necessary.
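
To make the granular permissions described above concrete, the following added example (not from the original article or from the Hyperledger project) shows the ACL and policy portion of a Fabric configtx.yaml. The organization names EnterpriseMSP, SupplierMSP and AuditorMSP and the policy names Transactors and Auditors are assumptions made for this example.

```yaml
# Fragment of a Fabric configtx.yaml (Application section only).
# Hypothetical names used for illustration: EnterpriseMSP, SupplierMSP,
# AuditorMSP, and the custom policies Transactors and Auditors.
Application: &ApplicationDefaults
  ACLs: &ACLsDefault
    # Broad mapping (commented out): any identity that satisfies the
    # channel-wide Writers policy, from any member org, may submit proposals.
    # peer/Propose: /Channel/Application/Writers

    # Tightened mapping: only the named client identities may invoke chaincode.
    peer/Propose: /Channel/Application/Transactors
    peer/ChaincodeToChaincode: /Channel/Application/Transactors

    # Full block events expose complete transaction contents, so they are
    # limited to the auditing principals.
    event/Block: /Channel/Application/Auditors

    # Filtered block events omit transaction payloads and stay readable by
    # any identity that satisfies the channel Readers policy.
    event/FilteredBlock: /Channel/Application/Readers

  Policies: &ApplicationDefaultPolicies
    # ImplicitMeta policies aggregate the same-named policy of each member org.
    Readers:
      Type: ImplicitMeta
      Rule: "ANY Readers"
    Writers:
      Type: ImplicitMeta
      Rule: "ANY Writers"
    Admins:
      Type: ImplicitMeta
      Rule: "MAJORITY Admins"

    # Signature policies name the exact MSP principals that are allowed.
    # The .client role can only be told apart from other members when
    # NodeOUs are enabled in each organization's MSP configuration.
    Transactors:
      Type: Signature
      Rule: "OR('EnterpriseMSP.client', 'SupplierMSP.client')"
    Auditors:
      Type: Signature
      Rule: "OR('EnterpriseMSP.admin', 'AuditorMSP.member')"
```

With this mapping, the supplier's applications can submit transactions but cannot stream full blocks, while the auditor can read full blocks without being able to propose transactions.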

The Indy framework enables decentralized identity management. As a solution seeking to support self-sovereign identity, Indy allows members to maintain ownership and control of identifying data. Identity owners determine who sees what information in connection with transactions, which guards against the possibility of identity theft. Decentralization increases protection by eliminating the need for a central identity database.

Together, Fabric and Indy allow enterprises to create permissioned blockchains in which enterprises issue user credentials and set qualification requirements. Users retain control over what verifiers see, and verifiers decide which trust model to use to determine whether the given credentials are acceptable as proof of identity. Zero-knowledge proofs increase confidentiality by allowing authentication while concealing actual identifying information.

Managing user identities and access permissions with Hyperledger makes it possible for enterprises to maintain user confidentiality when different groups require access to the same permissioned network. This addresses some of the most serious concerns in IAM, including network compromise from internal threats or third-party security vulnerabilities.

What are the benefits and drawbacks of using Hyperledger?

Hyperledger frameworks provide benefits for identity management, as well as a cohesive experience for both internal and external users.

Efficiency
Relying on the blockchain for identity management, user authentication and access authorization can increase productivity significantly. Between 30% and 40% of customer service calls relate to login issues in some way. Having one identity that grants access to all necessary applications and data minimizes confusion and frustration. This allows business processes to go on uninterrupted while relieving the customer service and IT departments of a significant burden.

Interoperability
Self-sovereign identities travel with their owners, so identifying information stored in the blockchain can be used across applications, platforms and administrative domains. Such interoperability enables data transfer between enterprises and third-party collaborators or partners. Being able to obtain authorization and access using a single identity instead of multiple separate sets of credentials reduces silos and makes network access more flexible.

Privacy
To address the issues of data security and privacy associated with third-party access, Hyperledger offers channels and private transactions. Channels allow two or more members of the blockchain to conduct transactions confidentially, such as in the case of price negotiation to close key deals.

When additional privacy is required, especially in cases involving highly sensitive data subject to strict compliance regulations, two blockchain members can use a private transaction. Provisions within Hyperledger make it difficult for other parties to determine the identities of the individuals involved and also prevent unauthorized individuals from seeing what data was transferred.

Complications
Like the blockchain itself, Hyperledger is still a relatively new player in IAM and cybersecurity. Enterprises may be wary of making a shift, especially those just starting to adopt cloud platforms or still relying on legacy systems.

Hyperledger’s relative complexity also creates a barrier to adoption for enterprise IT teams with little knowledge of distributed ledger technologies. If the people handling IAM don’t recognize the benefits of blockchain for identity management, they’re unlikely to be interested in the idea of adopting a new framework.

Where can businesses get help implementing a Hyperledger framework?

Enterprises interested in using Hyperledger technology can do so with help from certified service providers. The Hyperledger certification program “is a pre-qualified tier of vetted service providers who have deep experience helping enterprises successfully adopt Hyperledger,” so businesses can be assured each partner has the knowledge and skill necessary to deploy effective Hyperledger solutions.

Partners in the program have been trained to implement distributed ledger technologies, and they work alongside enterprises to support ongoing success. This requires cooperation from IT teams, IAM specialists, cybersecurity professionals and any other employees overseeing network operations.

Hyperledger adoption may also necessitate additional employee education and training to ensure all users understand how blockchain identity management works. Those tasked with supervising network security must also be trained to utilize the full potential of Hyperledger frameworks.

Before committing to a switch to Hyperledger, enterprise IT and cybersecurity teams should audit current security and IAM solutions to determine if their companies would benefit from blockchain-based identity management. The more complex the network, the more likely a distributed ledger is to be a good approach to take when developing strategic, granular IAM protocols.


As enterprise-level IAM needs continue to evolve, solutions like Hyperledger may become necessities rather than novelties. The complex, flexible and customizable nature of blockchain frameworks provides an alternative to more vulnerable IAM solutions. Companies seeking to remove silos between administrative domains, empower employees to work more efficiently and minimize the risk of third-party data transactions can look to Hyperledger for the tools to support their efforts.