Functional Requirements for Decentralized Identity Applications

Functional requirements (FRs) are of utmost importance that enable a system to work. FRs simply describe what the application should do and refer to the functionality of an application. In contrast, non-functional requirements (NFRs) describe how the system should do that and are abstract terms that frequently describe the performance, security, and reliability of a system. 

The existing decentralized identity applications base their architectures on principles developed by Allen [1] and Cameroon’s Laws of Identity [2]. [3] extends the initial set of properties for a decentralized application and mentions that some of those can be viewed as requirements that a system should achieve and can be used for evaluation. However, the mentioned properties continue to resemble NFRs, which do not provide a concrete basis for the system analysis. There were very limited attempts to specify FRs for decentralized identity systems, with [4] being the closest work. The authors provide a list of FRs for SSI, but the requirements are not mapped to the NFRs that are extensively described in [1] and [3]. Additionally, the QuarkID whitepaper (Appendix II) [5] maps SSI principles to design principles, which provide a remote resemblance to NFRs. However, the authors did not analyze or discuss those design principles in detail. 

This thesis focuses on developing FRs for decentralized identity applications, mapping those to the existing NFRs, and producing an evaluation framework that can be used to analyze existing applications.

References:

[1] C. Allen, “The Path to Self-Sovereign Identity”, 2016. URL: https://www.lifewithalacrity.com/article/the-path-to-self-soverereign-identity/.

[2] K. Cameron, “The Laws of Identity”, Microsoft Corporation (2005). URL: https://www.identityblog.com/stories/2005/05/13/TheLawsOfIdentity.pdf.

[3] S. Cucko, S. Becirovic, A. Kamisalic, S. Mrdovic, M. Turkanovic, “Towards the classification of self-sovereign identity properties”, IEEE Access 10 (2022) 88306–88329. Publisher: Institute of Electrical and Electronics Engineers (IEEE). DOI: 10.1109/access.2022.3199414. 

[4] R. Nokhbeh Zaeem, K. C. Chang, T.-C. Huang, D. Liau, W. Song, A. Tyagi, M. Khalil, M. Lamison, S. Pandey, K. S. Barber, “Blockchain-Based Self-Sovereign Identity: Survey, Requirements, Use-Cases, and Comparative Study”, IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology, WI-IAT ’21, Association for Computing Machinery, New York, NY, USA, 2022, pp. 128–135. DOI: 10.1145/3486622.3493917.

[5] QuarkID, “Quark id whitepaper: Self-sovereign identity: Basis of a new decentralized digital ecosystem”, n.d. URL: https://github.com/gcba/WhitePaper/tree/master.