我们的 #建立在EOSIO 系列展示了利用EOSIO科技的一些卓越的项目，它们都能为我们更加安全和联系的世界添砖加瓦。如果您想给我们下一个阶段的项目提建议，请给我们的开发者关系小组发送邮件spotlight@block.one
了解EOS VC如何通过战略性投资和风投合伴基金支持EOSIO生态，请访问 vc.eos.io
Managing private information has become a focal point of the common era, and managing digital credentials is no different. OmniOne created a decentralized identity solution built on EOSIO that is now being embraced by the South Korean public sector.
OmniOne is a project powered by RAON, a leading publicly traded ICT security software group in South Korea providing security products, as well as ICT security consulting services to more than 500 customer organizations. Today, their products reach over 30 million users.
Alex David, in charge of global business development at OmniOne, describes the landscape of digital identities. “Proving our identity online remains one of the challenges that has been left unsolved. Historically, identification has been following a path from centralized to federated identity. This may be good enough for logging in to websites, but at a time when identity theft and fraud are becoming increasingly prevalent, it also introduces a level of risk. In a digital world, where data is considered the new oil, it is not only exploited by companies collecting it, but also targeted by malicious hackers when stored in centralized servers.”
To address these challenges, OmniOne is building a layer of trust for a world where digital interaction remains prominent, to help transition from a service-centric identity to the self-sovereign identity paradigm, empowering anyone to control their identity in a highly secure manner while providing mutual benefits to the participants of the ecosystem.
“OmniOne acts as the Decentralized Identity platform that combines the convenience and security of Fast ID Online (FIDO) with the efficiency of an EOSIO-based blockchain,” says Alex. “OmniOne aims at introducing and standardizing a global self-sovereign identity protocol, leveraging the expertise of its team on public key infrastructure and biometrics, while applying international standards such as W3C-based Verifiable Credentials.”
Proving Who is Who
Once largely paperwork driven, today’s identity management systems are, for the most part, now digital. Over time, to accommodate the growth of web-based services, the evolution of digital identity management has given rise to the widespread use of central data servers that store account credentials. Facebook and Google already offer passport-like services that bypass account creation by connecting to websites through just one set of credentials.
It’s true that federated identity-based services are more convenient than the traditionally siloed account management systems of the not so distant past. However, these services still leave room for improvement in terms of security and user data privacy.
OmniOne takes a new approach to identity management with an innovative blockchain-based system that hinges on the notion of Self-Sovereign Identity. Alex explains, “The Self-Sovereign Identity is a concept that aims to give users control back over their identity by, for example, enabling them to store their personally identifiable information on their own device, so data will not be stored on central servers.”
OmniOne offers users a convenient means to retrieve credentials through a wallet that can be created and accessed with the user’s unique biometrics. The wallet is secured in accordance with the globally recognized FIDO security standard.
OmniOne enhances security with a self-sovereign identity-based approach that leverages a Decentralized Identifier (DID) on an EOSIO-based blockchain. Rather than storing information on a centralized server, users store their credentials on their own devices, reducing external attack vectors.
OmniOne uses zero knowledge proof (ZKP) technology to maintain privacy and prevent the excessive collection of personal information. With ZKP technology, it is possible for one party to prove to another party that they have certain information without conveying anything apart from the fact that they possess it.
Why OmniOne Chose EOSIO
Performance played a factor in OmniOne’s choice of blockchain platforms. “Our platform is based on EOSIO, which ensures a high degree of scalability, enabling the OmniOne Network to run smoothly while supporting a high volume of transactions.”
Among the blockchain technologies available, OmniOne decided to select EOSIO for the following reasons:
- EOSIO is tailored for business solutions. EOSIO is suitable for business grade use-cases as it allows the creation of services that provide users with blockchain-based IDs for authentication.
- EOSIO Integrates with Decentralized Identifiers. The concept of multiple public keys associated with a single EOS Public Network account is similar to a DID-based approach, facilitating the development of a DID-oriented platform.
- EOSIO delivers performance. EOSIO smart contract performance enables around 4,000 transactions-per-second. This is conducive to scalability, a crucial factor when developing an identity-related infrastructure where operations must run smoothly at all times regardless of the number of users.
- EOSIO provides configurable consensus. The EOSIO consensus method can be adapted to numerous environments, particularly useful for companies that look for a public and permissioned platform. For instance, OmniOne uses a Proof of Authority (PoA) + asynchronous Byzantine Fault Tolerance-based consensus model to facilitate the deployment of its technology.
“Thanks to its architecture, EOSIO contributed to the success of OmniOne. OmniOne is now a leading DID-platform in South Korea. The platform has already been deployed in a variety of public organizations and financial companies that needed trust-based authentication infrastructure. In parallel, EOSIO helped us build the OmniOne Mainnet, a highly secure public network that allows any company to leverage decentralized identity services without having to bear the related infrastructure costs.”
How OmniOne Manages Identity
OmniOne uses EOSIO to relay cryptographically protected information, enabling users to prove their identity without over-disclosing their information. By natively supporting pairing multiple public keys to a single account, the structure of EOSIO allows users to authenticate with one ID on multiple devices in a highly secure manner.
A user creates an Omni-ID account by pairing a public and private keypair with their fingerprint. This information is bound with a DID, securely connecting users to credential verification issuers that, upon request by the user, can use the DID to authenticate the user. If the user is authenticated, the issuer, for instance a government agency, stores a record of the credential issuance to the blockchain. The user, in turn, receives a verifiable credential from the issuer that can be stored on their local device. Now the device can be used at the user’s discretion with participating service providers that are able to refer to the user’s verifiable credentials information on the OmniOne Network.
OmniOne’s EOSIO blockchain is configured to operate with a PoA Asynchronous Byzantine Fault Tolerance-based consensus model, similar to Delegated Proof of Stake (DPoS). However, as opposed to how Block Producers (BPs) are elected, as they would be under a DPoS consensus model, under PoA, BPs on the network are predetermined. This BP selection method is suitable for entities, including educational institutions, government agencies, healthcare providers, and many more that could benefit from a platform that is both permissioned and public.
A Bright Future For DID
OmniOne is already supporting the South Korean government in rolling out civil servants ID cards and other forms of identification in the form of digital credentials, and is in discussions with the ministry charged with developing the digital driver license. In addition, the Korean government planned to implement a nationwide digital identity program, and OmniOne is contributing to the first stage of this multi-step plan that includes the digitization of most of the government-issued IDs.
On a global scale, OmniOne continues to support its United States branch, where discussions with a variety of potential partners are ongoing. OmniOne is also actively working towards the development of a new architecture for an accountable digital identity through its participation in the DID Alliance. “This architecture lays the groundwork for democratizing the use of decentralized identity-platforms such as OmniOne,” says Alex. “All these efforts will help us build a trustworthy global DID platform where participants from all around the world would be able to join and take control of their personal data.”
The Team Behind OmniOne
OmniOne’s extended team includes over 50 individuals, encompassing researchers, developers, service planners, business developers, and marketers. OmniOne’s R&D team consists of experts in PKI and biometric technologies whose knowledge and expertise covers cryptography. The company’s service planners are experienced in designing UI/UX for RAON’s various IT, security, and authentication solutions and platforms. OmniOne’s business developers are specialists in South Korea’s IT business trends, and have strong networking connections with partners and customers, including many important public and private organizations. OmniOne’s marketers have rich experience in IT marketing and communications for both domestic and overseas marketplaces.
OmniOne Business Developer, Alex David, is professionally fluent in French, English, Spanish, and Korean. He is a Self-Sovereign Identity and DID-related technology enthusiast who has been involved in the blockchain space for over 4 years. Prior to that, he worked as an investment manager within a top-tier global financial institution for over 7 years. Now, he strives to increase the awareness of Self-Sovereign Identity while working on the deployment of OmniOne, the leading Decentralized Identity-based platform in terms of real use cases.
Building on EOSIO?
Our #BuiltOnEOSIO series showcases some of the amazing projects leveraging EOSIO technology to build a more secure and connected world. If you would like to suggest a project for us to feature please send an email to email@example.com for our Developer Relations team to review.
For more information on how EOS VC supports the EOSIO ecosystem through strategic investments and venture capital partnership funds, visit vc.eos.io.
– Block.one Developer Relations team