Identity Models
Centralized Model
A centralized identity model is one that is controlled and governed by the entity that is offering the identity service. This can be a public or private service. In the case of public, think of a passport; only a federal government can issue a valid passport and they set all of the rules in terms of what it looks like, how it can be authenticated and what happens when it expires or you lose it.
In the case of a private identity service, a great example is a social media platform like Facebook. They have set up the rules for how you can create an account on their platform and what rules you must follow, including abiding by their terms of service (ToS). With this service you have a unique account for each and every service that you log into.
Federated Model
A federated model moves into a system where an identity provider allows other third party systems to use the original digital identity that you set up on the new site. An example of this is Log in with Google
or Log in with Facebook
that you have probably seen before.
This is accomplished through an open standard that allows an identity provider to share information like your name and email address with the new site. While this solves one of the problems that the centralized model has (one account per site), by allowing you to use the same account across many sites, it has a major drawback. It creates a centralized gold mine of user data. It also creates an issue where if, let's say, Google accidentally or intentionally deletes your account; you will lose access to all of the other sites that you had used Google credentials to log into.
Self-Sovereign Identity Model
The SSI model is characterized by it's lack of central authority and its reliance on peer to peer systems. There is no central authority to own the relationship between you and someone else. It is just the two of you protected by cryptography.
There are no accounts, just connections. These connections are kept safe through public/private key cryptography. This form of digital identity is most like our daily lives.
This system does however require a mindset shift for most people as since the modern internet, every system has been the first two models. As this new system rolls out there will be a learning curve and new tooling will need to be created. One of the biggest hurdles is that all users will now be in charge of maintain their own keys. Loosing these keys means loosing your identity. Fret not, later in the documentation I'll talk about key management and ways that users can be protected.