Skip to content
This repository has been archived by the owner on Feb 27, 2024. It is now read-only.

Commit

Permalink
Merge pull request #48 from mathieuglaude/patch-1
Browse files Browse the repository at this point in the history
Revised version V2.0
  • Loading branch information
vinomaster authored Feb 1, 2021
2 parents abffa24 + c58f934 commit 36f948d
Showing 1 changed file with 27 additions and 27 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
- Tags: #ufwg, #recommendation

## Summary
The objective of this document is to provide guidance on how to evaluate existing *Public Identity Utilities (PIU)*. For the purpose of this document, we will solely focus on blockchain-based public identity utilities. The main purpose of the framework described is to guide organizations who want to operationalize the Trust over IP stack to choose the best possible PIU that is aligned to their needs.
The main objective of this document is to provide a framework for guidance on how to evaluate existing *Public Identity Utilities (PIU)*. Note that in this document, we will solely focus on blockchain-based public identity utilities. The framework described below is meant for organizations/ecosystems who want to operationalize the Trust over IP stack to choose the best possible PIU that is aligned to their needs.

## Motivation
Who will get value from this framework:
Expand All @@ -24,57 +24,57 @@ The PIU is the foundation of the Trust over IP stack, providing a root of trust

![Layer 1 of ToIP Stack](./images/toip-stack-layer1.png)

This best practice document is the result of multiple interviews that were conducted with utility project conveners in October 2020. We spoke with conveners and participants of these following PIUs.
This best practice document is the result of multiple interviews that were conducted in October 2020, between members of the Utility Foundry Working Group and various utility project conveners. We spoke with conveners and participants of these following PIUs:

| PIU | Description|
| --- | --- |
| [Sovrin](https://github.com/trustoverip/utility-foundry-wg/blob/master/workflow/stories/sovrin.md) | The Sovrin Foundation is a nonprofit organization established to administer the Governance Framework governing the Sovrin Network, a decentralized global public network enabling SSI on the internet.|
| [Bedrock](https://github.com/trustoverip/utility-foundry-wg/blob/master/workflow/stories/bbu.md) | The Bedrock Consortium is a collection of international private sector companies that operate the Bedrock Business Utility (BBU), an independent self-governed non-profit legal entity.|
| [IDUnion](https://github.com/trustoverip/utility-foundry-wg/blob/master/workflow/stories/IDunion.md) | The IDUnion consortium (formally known as SSI for Germany) is a public private partnership of companies and institutions, which implement and govern the IDunion utility. |
| [Indicio.tech](https://github.com/trustoverip/utility-foundry-wg/blob/master/workflow/stories/indicio.md) | Indicio.tech was created to fill a need in the SSI community. Indicio's mission is to provide the professional services needed to build decentralized identity products.|
| [uPort](https://github.com/trustoverip/utility-foundry-wg/blob/master/workflow/stories/uport.md) | Unlike most active utility projects, uPort believes in permissionless ledgers and uses Ethereum as their PIU.|

* [Sovrin](https://github.com/trustoverip/utility-foundry-wg/blob/master/workflow/stories/sovrin.md): The Sovrin Foundation is a nonprofit organization established to administer the Governance Framework governing the Sovrin Network, a decentralized global public network enabling self-sovereign identity on the internet. Sovrin’ mission is to give every person, organization, and thing the ability to own and control their own permanent digital identity.
* [Bedrock](https://github.com/trustoverip/utility-foundry-wg/blob/master/workflow/stories/bbu.md): The Bedrock Consortium is a collection of international private sector companies that operate the Bedrock Business Utility (BBU), an independent self-governed non-profit legal entity that serves as a public identity utility. The BBU is intended to serve organizations that desire to participate in digital trust ecosystems and require an enterprise grade governance framework.
* [IDUnion](https://github.com/trustoverip/utility-foundry-wg/blob/master/workflow/stories/IDunion.md): The IDunion consortium (formally known as SSI for Germany) is a public private partnership of companies and institutions, which implement and govern the IDunion utility. The IDunion utility is intended to serve organizations that desire to participate in the digital trust ecosystem and require an enterprise grade governance framework
* [uPort](https://github.com/trustoverip/utility-foundry-wg/blob/master/workflow/stories/uport.md): Unlike most active utility projects, uPort believes in permissionless ledgers and uses Ethereum as their PIU.
* [Indicio.tech](https://github.com/trustoverip/utility-foundry-wg/blob/master/workflow/stories/indicio.md): Indicio.tech was created to fill a need in the SSI community. Indicio's mission is to provide the professional services needed to build decentralized identity products.

## Defining Your Ecosystem Solution Requirements
In creating business cases around technology, people often use a simple framework of Business, Legal and Technology as being areas of which to use within business decisioning processes.
In creating business cases around technology, people often use a simple framework of *Business*, *Legal* and *Technology* as being areas of which to use within business decisioning processes. A common mistake innovators should try to avoid is to start with technology requirements, before considering the business and legal requirements. With decentralized stacks such as the Trust over IP one, it’s critical to also take *Social* and *Governance* elements into consideration.

| Requirement | Description|
| --- | --- |
| Business | The critical activities of an enterprise that must be performed to meet the organizational objective(s) while remaining solution independent.|
| Legal | Any compliance requirements placed on an ecosystem or participants within the ecosystem that pertain to a range of laws such as financial regulations, tax obligations, and privacy regulation.|
| Technology | The range of technical issues that must be addressed to successfully complete a PUI project. These include but are not limited to performance, reliability, and availability.|

A common mistake innovators should try to avoid is to start with technology requirements, before considering the business and legal requirements. There’s also some missing elements to this framework when dealing with a decentralized stack.

With decentralized stacks such as the Trust over IP one, it’s important to take two further elements into consideration.

![5 lenses](./images/assessment-lens.png)

| Requirement | Description|
| --- | --- |
| Social | It’s important for my ecosystem to create value for the society and also generate income (if not wealth). Our solutions must be innovative, unique, people and environment friendly. Examples of social requirements can include transparency, inclusivity, diversity and accessibility.|
| Social | It’s important for my ecosystem to create value for the society and also generate income (if not wealth). Our solutions must be innovative, unique, people and environment friendly. Examples of social requirements can include transparency, inclusivity, diversity and accessibility. Beyond helping curb those global challenges, sustainability can drive business success. Several investors today use Environmental, Social, and Governance (ESG) metrics to analyze an organization’s ethical impact and sustainability practices. Investors look at factors such as a company’s carbon footprint, water usage, community development efforts, and board diversity.|
| Governance | The collection of governing processes required by the PUI to be successful and sustainable. |

As an innovator looking to transform their ecosystem using the ToIP stack, you want to start off by defining what is important in each one of these categories based on your respective needs. [In a future exploration, we will create a list of questions under each one of these areas]

These are not only the categories you want to use to evaluate your own project requirements, but also to evaluate existing PIUs features.
These are not only the elements you want to use to evaluate your own project requirements, but also to evaluate existing PIUs features.

## Evaluating a PIU Using 3 Best Practices
## Evaluating a PIU with Three (3) Best Practices

An innovator must conduct research on an existing PIU based on the same factors that they evaluated their own project requirements. Luckily we have started this process for you by documenting the [stories of various PUI projects here](https://github.com/trustoverip/utility-foundry-wg/tree/master/workflow/stories).
One must conduct research on an existing PIU based on the same factors that they evaluated their own project requirements. Luckily we have started this process for you by documenting the [stories of various PUI projects here](https://github.com/trustoverip/utility-foundry-wg/tree/master/workflow/stories).

Once you do this, you should be capable of having this table below filled out for comparison purposes. This is the first piece of due diligence. If there is no synergy between your requirements and the offering from the PIU, you will need to look for other options.

![BP Table](./images/bp-matrix.png)

1. Assessing Sustainability of a PIU: How will a particular PUI deploy a business model that will ensure long-term operational success. Please refer to our [best practice for assessing utility sustainability](../BP0015-assessing-utility-sustainability/BP0015-assessing-utility-sustainability.md).
2. Determining Affordability of a PIU: What budgetary and cost questions should be considered when evaluating a PUI? Please refer to our [best practice for determining utility affordability](../BP0016-determining-utility-affordability/BP0016-determining-utility-affordability.md).
3. Assessing Alignment to a PIU: description. How to evaluate the alignment of a specific PUI against your ecosystems goals and objectives. Please refer to our [best practice for assessing utility alignment](../BP0017-assessing-utility-alignment/BP0017-assessing-utility-alignment.md).
| Best Practices | [BP0015 - Assessing Sustainability](../BP0015-assessing-utility-sustainability/BP0015-assessing-utility-sustainability.md)| [BP0016 - Determining Affordability](../BP0016-determining-utility-affordability/BP0016-determining-utility-affordability.md) | [BP0017 - Assessing Alignment](../BP0017-assessing-utility-alignment/BP0017-assessing-utility-alignment.md) |
| --- | --- | --- | --- |
| | How will a particular PIU deploy a business model that will ensure long-term operational success? | What budgetary and cost questions should be considered when evaluating a PIU? | How to evaluate alignment to a PIU against your ecosystems goals and objectives?|
| 1. Business | | | |
| 2. Legal | | | |
| 3. Technology | | | |
| 4. Social | | | |
| 5. Governance | | | |
| **Scores** | x/10 | y/10 | z/10 |


## Making a Decision
From the previous table, you should be able to total the scores to see if there’s a fit or not. We’re using two different measures here:

* Cumulative: ToIP can recommend a minimum totaled threshold;
* Individual minimums: Individual assessors can set their own thresholds by metric.

![Making a decision](./images/scorecard.png)
![Venn Diagram](https://drive.google.com/uc?export=view&id=15SLR1AYwxVk1u1Oni1hdYkwI7oSA6iLp)


If you don’t meet the thresholds, you may want to keep exploring for other projects or you may want to consider convening your own project.

Expand Down

0 comments on commit 36f948d

Please sign in to comment.