| Table of Contents |
|---|
Key Points
...
| Reference_description_with_linked_URLs_______________________ | Notes______________________________________________________________ | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| North Dakota RFP folder | ||||||||||
| https://drive.google.com/open?id=1bFKfSoFaX_BaghkKzWeOIZYrv5eNEjqQ | G Drive jem notes | ||||||||||
| https://drive.google.com/open?id=1SwvsPaMtOHYYhQsQiaFfbOqlC6v15gXE | G Drive link to Paramount Proposals | ||||||||||
| Research Areas for PresentationRFP docs | |||||||||||
| Attachment+1+Tech+Archit+Overview-notes.docx | ND RFP Technical Architecture | ||||||||||
| references | |||||||||||
| www | 01 | ibm | com | common/ssi/ShowDoc.wss?docURL=/common/ | IBM Blockchain Platform features ensure key features covered in proposal | references | |||||
https://hyperledger-fabric.readthedocs.io/en/release-2.0/whatis.html https://hyperledger-fabric.readthedocs.io/en/release-1.4/whatis.html | HLF concepts, diagrams | ||||||||||
https://hyperledger-fabric.readthedocs.io/en/release-1.4/whatis.html | HLF concepts, diagrams | ||||||||||
| file:///C:/Users/Jim%20Mason/Google%20Drive/_books/tech/ ibm-blockchain-for-business-book-9780135581391.pdf | ibm BC book - design, implementation, features, business cases the right scope, select the best technology, and establish an | ||||||||||
| EnerBlock NSF SBIR Phase I Update 11-04-19.pptx | Enerblock POC proposal model with actions, next steps | ||||||||||
| jmason_blockchain_strategies-v1.pptx | _psoft/writing - ebc, hlf concepts - solution strategies, impacts | ||||||||||
| m Hyperledger Fabric Concepts | concepts on value, impacts, approach | ||||||||||
| Chris G K8S hlf v1.4 deployment tutorials - see videos on hlf app dev | |||||||||||
| https://github.com/hyperledger/fabric# documentation-getting-started-and-developer-guides | Fabric getting started guides | ||||||||||
| https://fabric-chaintool.readthedocs.io/en/latest/ | Fabric chaintool packager for smart contracts ( chaincode ) | ||||||||||
| https://wiki.hyperledger.org/download/attachments/ 31196145/20200108_contributors_meeting.mp4?api=v2 at 18:42 time | Fabric Contributor Meeting - release cadence plan v1 | ||||||||||
| Identity Management security concepts | |||||||||||
| m Hyperledger Indy | |||||||||||
| m Hyperledger Aries - identity, data management tools | |||||||||||
| m Hyperledger Fabric Concepts | |||||||||||
| m Fabric Concepts 2 | |||||||||||
| C:\Users\Jim Mason\AppData\Local\Amazon\Kindle\storage | Blockchain for SSI Identity Mgt Kindle Book ( via Kindle app ) |
Key Tasks
I have shared a list of questions for review.We are bidding for three segments within the five options in the list of documents i.e. Blockchain,ID Proofing and Self Sovereign Identity.The ID Proofing and Self Sovereign Identity specific part will be helped by Vipin.Vikram is in charge of the RFP for submission and feel free to connect with him for more details if you need.
...
| https://www.imsglobal.org/ | IMS Global - certifies LMS |
| https://site.imsglobal.org/certifications/d2l-corporation/ brightspace-by-d2l#cert_pane_nid_195611 | Brightspace certifications |
| https://www.d2l.com/ | D2L |
| https://www. |
...
...
...
...
...
Key Questions
- what are our service / education offerings ?? my QWU, IBM WebFacing, in-sourcing TGA
- what are the applicable regulations for the state to track identity, transcripts ?
- do individuals require NEW ids on this network?
- do the service providers ( schools and .. ) have a way to support DIDs? Not now
- who are trust providers?
- who are service providers?
- who are the hosting organizations?
- currently, state hosts the eTranscript program for schools
- do schools need to be hosts on the blockchain? No
- For SSI, how many DIDs would be issued potentially to a user? 1> network access 2> school registrations
- credentials issued by a school: enrolled, attended, graduated
- documents issued by a school: transcript, health record, diploma
Key Use cases
School registers with state
Individual enrolls on state network
Individual enrolls in a school program
Individual attends a school program
Individual graduates a school program
Individual requests transacript
Individual requests diploma
...
| core/ | More than just a learning management system (LMS), Brightspace Core combines the powerful tools, services, and support you need to deliver a best-in-class teaching and learning experience for faculty and students—all in one convenient package. |
Key Tasks
I have shared a list of questions for review.We are bidding for three segments within the five options in the list of documents i.e. Blockchain,ID Proofing and Self Sovereign Identity.The ID Proofing and Self Sovereign Identity specific part will be helped by Vipin.Vikram is in charge of the RFP for submission and feel free to connect with him for more details if you need.
a> review rfp
a> answer questions
a> research TYS vs custom
a> research Fabric samples for id mgt
a> research verified.me for Fab id mgt
a> research Besu, Indy for IAM
a> review oauth2, openid docs
research ...
https://www.hyperledger.org/blog/2020/04/21/trustid-a-new-approach-to-fabric-user-identity-management
RFP Objectives
Looking for software services, solutions ( and platforms ?? ) to deliver digital ids, wallets, credentials and verifications for specific items ( transcripts, diplomas, etc )
Hire for services & POC for:
Blockchain
Identity Management - Microsoft Azure B2C
Identity Management – Identity Proofing
Identity Management - Self-Sovereign Identity
Digital Credentials (Certificates, Badging, Wallets, and Backpacks)
2 phases on 2 separate SOWs
- Services & training - Phase 1 design, training
- POC Phase 2
Blockchain
Other RFP Documents
- amendment doesn't clarify much except
- they have worked with Indy, Aries in test
- AWS or Azure are acceptable cloud environments
- attachment 1 = enterprise architecture shows focus on Microsoft environments
- they have an existing dNet eTranscript app running now with ADFS identities, sso
- attachment 2 = application definition
- focuses on 4 areas for app: architecture, security, data mgt, maintenance and support
- more
Key RFP Questions
- is the RFP going to one vendor or multiple for all the services listed?
- 2 phases - p1 = services p2 = poc both may have different vendors
- what are our service / education offerings ?? my QWU, IBM WebFacing, in-sourcing TGA
- what are the applicable regulations for the state to track identity, transcripts ?
- new North Dakota law on privacy only requires right to data access for a user on PII data
- What portions of the new environment will run on Azure and connect with AD B2C ids?
- Azure will run the existing identity system for existing apps
- OIDC will be added
- The new transcript solution MAY add DIDs
- do individuals require NEW ids on this network?
- existing users of school system have ids in ADFS
- want to add OIDC support
- may add SSI support w DID IF it can work with OIDC - no std here - see bc.gov von
- do the service providers ( schools and .. ) have a way to support DIDs? Not now
- could use custom Indy, Aries solution
- DID, wallet, credentials
- could use custom Indy, Aries solution
- who are trust providers?
- state, schools?
- who are service providers?
- who are the hosting organizations?
- currently, state hosts the eTranscript program for schools
- do schools need to be hosts on the blockchain? No
- AWS and Azure are viable cloud platforms
- For SSI, how many DIDs would be issued potentially to a user? 1> network access 2> school registrations
- credentials issued by a school: enrolled, attended, graduated
- documents issued by a school: transcript, health record, diploma
Key Architecture Requirements Questions
- Given Azure AD for Identity registry and OIDC, how will DIDs interface? See Azure external id interface
- Should credentials and verification requests get stored on blockchain?
- Provides immutable, transparent trail to authorized users for both
- Credentials normally on blockchain but verification requests could be done securely between the 2 agents
Key Use cases
School registers with state
Individual enrolls on state network
Individual enrolls in a school program
Individual attends a school program
Individual graduates a school program and issue diploma
Individual requests transacript
Individual requests diploma
Individual requests attendance verification
Individual graduates a cyber security course and issue credential
Key Entities
students
state
schools
courses
degrees
Key Transactions
regsitrations
enrollments
graduations
Key Education Policies
Based on age, people may have education requirements unless exempted
Key Requirements
The new Identity Provider is Azure AD ( page 9 )
Support for OpenID Connect for authentication
Identity proofing required to establish a valid identity
Investigate the option for individuals to use SSI ids
issue and manage DIDs, wallets for individuals
recoverable DIDs and wallets
parental or legal guardian management of DIDs, wallets for children below 18
issue and manage credentials
provide verifications on DIDs
provide verifications on credentials
Key Concepts
state Proposal Requirements
...
https://hyperledger-fabric.readthedocs.io/en/latest/whatsnew.html
Instead of sharing private data within a collection of multiple members, you may want to share private data across collections, where each collection may include a single organization, or perhaps a single organization along with a regulator
Private data can be shared with members not a member of a private data collection
Member receiving shared data can verify the transaction is valid by matching the on-chain hashes
Private data allows custom, optional endorsement policies that override smart contract endorsement policies
For example, 2 orgs with private data may have to endorse the transaction as well
For direct, per-organization private data sharing, private data collections do not need to be defined first
Token Support
Design process can determine the need for different token types in the disbursement solution
...
Blockchain Experience Section Write up
This is what I have gathered that we have so far - please change the information if it is any different.
Food Industry: Provenance & Tracking
Paramount has completed the implementation of a Hyperledger Fabric-based blockchain solution for a provenance & tracking of product for a client based out of a state in the United States. The operation involves procuring the raw product from the indigenous community in a South American rainforest and eventually packaging and selling it from the base location. The process also consists of passing through a complex, opaque and time-consuming transportation mediums involving trucks, rail, and shipping.
ID Management
Paramount has started a pilot project for a federal owned entity in the Power & Utility sector. The blockchain platform is being used to create smart contacts, that provide immutable, secured, traceable, and transparent data that can be converted into tangible and relevant information for the enhancement of the business. Smart Contract would help to store sensitive information while providing a secure and auditable tracking mechanism for a chain of custody, audit compliance and asset security. The goal of the pilot project is to build a robust and secure system that can grow and evolve without compromising security.
Token Management
Paramount has launched an MVP and working on a version 1 application, for an online social community platform focused on wellness and social good. In this platform, users will be engaging in a blockchain-powered platform to allow for transactions to be conducted on the Stellar Network.
Grid Stability
Paramount has engaged with a grant-based project with the National Science Foundation along with a partner offering energy-specific solutions to promote the Distributed Energy ecosystem through Hyperledger Fabric-based Blockchain solution. The project engages Utility token built using Ethereum (ERC20 preferably) on top of that for storage and exchange of energy to facilitate energy trading. Further, the blockchain solution will reconcile any payment issues between producers and consumers on the distribution end.
...
- Addressing legal requirements by jurisdiction for transfer or sale of goods, services and money is outside the scope of the solution design
- Data privacy considerations reflect key concepts in GDPR and related statutes as they are interpreted
- Security considerations address concepts of identity, authentication, functional authorization, data authorization, data encryption
- This is a permissioned enterprise blockchain
- All transactions are recorded in the ledger
- All participants transacting on the network have: an assigned identity, a wallet, assigned credentials in the wallet
- Receipt of goods, services and payments by organizations and users can digitally tracked
- Distribution of cash, services and goods physically is separate issue
- If goods have bar code or QR code labels, those can be scanned as a transaction on the mobile device
- Services delivery could be validated as a simple online transaction referencing the service order or using a physical service work ticket if it's generated
Key Requirements
how do we rank requirements priority?
...