Use case spotlight: Enterprise Identity & Access with esatus SeLF

August 12, 2019

From Capital One to Cambridge Analytica to Equifax, it is statistically probable that most of us (and most everyone we know) have been victims to some of the internet’s more notorious hacks and breaches. For those of us working in the self-sovereign identity (SSI) community, seeing these hacks happen time and time again can be a frustrating reminder that the work we are doing together as a community is important. Companies building SSI products and solutions are working to change the way identity is done online, and the technology exists, ready to use—today.

One such innovator leading the way in SSI is Sovrin Founding Steward esatus AG. Specializing in information security matters, esatus AG was the first Sovrin Steward in Germany and an early advocate of the benefits of SSI, bringing the technology to German-speaking regions since 2016. 

We caught up with Dr. André Kudra, the Chief Information Officer of esatus AG to learn more about their new SSI product.  André is a strong supporter of SSI and a Sovrin Technical Governance Board (TGB) member. Thanks to his leadership, esatus is heavily committed to Sovrin, with various involvements in Sovrin working groups and an energetic member of the SSI community.

Sovrin: Thank you for taking the time to tell us about your work. Can you please tell us a little bit about esatus AG and your work with SSI?

André Kudra:  My pleasure.

At esatus AG, we dedicate ourselves to helping companies secure data and delivering the highest quality consulting services to all its customers. esatus has a strong footprint in the domain of Identity & Access (I&A) with a large customer base of enterprise organizations in major industries, e.g. banking, logistics, automotive, and pharmaceutical. esatus team members have more than 80k hours of I&A experience, implementing and driving customer projects to success. 

esatus is an attractive workplace for security-minded people of all skill-levels and ages, providing young talents job opportunities while still in their study programs. esatus actively supports flexible working models and drives all their workforce to continuously extend and hone their skills. Tech-savvy folks have the perfect “working home” at esatus!

In the many years working in information security, esatus was never satisfied with the monolithic yet complexly interwoven I&A solutions encountered in enterprise orgs. Hence, self-sovereign identity was quickly singled out as esatus’ strategic I&A initiative: SSI renders today’s cluttered and clunky enterprise Identity & Access landscapes as well as poor user experiences obsolete. 

esatus is an energetic member of the SSI community. Our activities include:

In a natural flow, esatus decided to consolidate all its know-how into a software suite delivering SSI-based enterprise I&A management: A product called “SeLF”. 

Sovrin: Please tell us more about SeLF. What problem does it solve? Who is your customer?

AK: For the past decades, enterprise I&A is prone to data redundancies, high inefficiencies, and intense regulatory scrutiny resulting in many findings. Remediation was costly and rarely sustainable. We at esatus are sure: SSI can resolve all of that. Hence, we will bring this innovation to our customers and help them leave all I&A woes behind. Leveraging SeLF, enterprise organizations can drastically reduce their I&A complexity while increasing security and compliance. Let’s call out some striking advantages:

To sum it up: SSI-based I&A with SeLF is faster, more flexible, more secure, compliant, and private than anything else out in the market today.


Sovrin: Please tell us a little bit more about the technology behind SeLF. What does it do?

AK: SeLF bridges the gap between established I&A solutions and contemporary SSI networks with the use of DIDs, wallets, and verifiable credentials in all I&A settings. 

SeLF transfers all advantages of SSI to the I&A world of enterprise customers. For them, SSI is the next generation decentralized alternative to public key infrastructures and directory services. SeLF comprehensively solves the enterprise I&A use cases with applied SSI:

For the existing IT landscapes, SeLF allows SSI integration without modifying legacy IT-applications, directories or management systems. Strategically, applications can be SSI-enabled natively, i.e. digest SSI credentials without proxy systems and determine the appropriate level of user access. 

SSI credential-based access rules (CrBAC) transform the new technology into authentication and authorization objects that can be synchronized and used by conventional technologies like SAML or LDAP. 


Sovrin: How have some of the recent advancements of decentralized identity helped accelerate the development of SeLF?

AK: The global SSI momentum has grown significantly since we embarked on our journey in 2016. The term ‘self-sovereign identity’ has spread dramatically, now meaning something to many people, something they can identify with. Technology is ready and available, eagerly waiting to be practically applied. These are great times!

Today, SSI-related projects are frontrunners for large-scale organizations in their digitalization efforts. The SSI community is utterly collaborative and united in its goals, with key contributors from competing organizations working side-by-side in W3C standardization groups and unconferences such as IIW and RWoT

It is a perfect time for anyone with an innovative mind to create SSI services and products. SSI-based solutions have the potential of becoming global game changers for digitalization. esatus has launched SeLF in its first iteration. Stay tuned! More will come.


Sovrin: What is appealing about the Sovrin Network?

AK: SSI and digital credentials are inevitable. We are convinced to the core that digitalization cannot be successful and sustainable without them. SSI translates trust of the real world in a digital and easy to handle way. No more intermediaries are required for adding trust artificially, bolted-on. This was never possible before to that extent, so conveniently, reliably, and efficiently. Hence, SSI is the most important building block of all digitalization endeavors. It is future-proof and drastically reduces complexity. This is what we need to make digitalization work.

For good reasons, the Sovrin Foundation is one of the major actors in the global SSI playing field. Providing business, legal, and technical support for the Sovrin Network and with 60 member organizations—the Sovrin Stewards—running nodes on the network, Sovrin has gained tremendous global recognition. 

For some, Sovrin even has become synonymous for self-sovereign identity. Sovrin realized right from the start that a solid governance model is a crucial piece for success. Due to the unprecedented work of key stakeholders, this model has grown to a substantial and hard-to-replicate governance framework.

With its highly skilled and committed leaders and compelling concept “Identity for all”, Sovrin has managed to attract and gather the world’s brains and talent of the identity space. Numerous decades of identity management experience are consolidated under the Sovrin umbrella, ensuring that every possible aspect and problem scenario is identified, and more importantly, clarified and addressed with a sustainable solution. With the meticulously knit Sovrin team, organizational and technical setups are distinct advantages. esatus is convinced: Sovrin is the prevailing candidate in the global SSI race!


Sovrin: What role did Hyperledger Indy and the open source community play in the development of SeLF?

AK: Sovrin is the most prominent productive and operationally available installation of Hyperledger Indy. Hyperledger Indy is an open source distributed ledger identity framework with a strong and immensely skilled worldwide developer community. It is part of the successful Hyperledger endeavor, which in turn is one of the most recognized The Linux Foundation projects. 

esatus highly appreciates the great work done in these initiatives. Available code and documentations are invaluable for bringing our teams up to speed and shaping our own solutions. When needed, the developing experts are accessible and keen on supporting you getting issues out of the way. Thank you all for that! We are very proud of belonging to the global SSI community.


Sovrin: What do you think the next five years looks like for digital identity?

AK:  Luckily, many more people worldwide are standing up for their individual privacy rights now. Even better, they are joining related initiatives and contribute to Sovrin, Hyperledger, MyData, and others. There couldn’t be a better match to the zeitgeist than SSI. We are certain that a better digital world is possible, and SSI holds technology, processes, and spirit for achieving this. All those involved in the matter and having recognized its value have now the privilege of experiencing the wider, ideally global adoption of the underlying technologies and execution principles. 

SSI will be embossing the way digital identity is perceived by everyone in the future, declaring the woes of today’s established identity practices and technologies obsolete. Within the next five years, we will already see a lot of this change happening.

Sovrin delivers all the SSI merits to the whole world. Sovrin brings together the right people for pursuing a joint goal: Transforming digital identity. 

Everybody can use Sovrin TODAY. Let’s make self-sovereign identity happen NOW!


To learn more about esatus AG or SeLF, please connect on Twitter or LinkedIn.

« »