*5.3. Identity*

In order for hardware devices, humans and software agents to conduct digital business transactions, or enact digital collaborations as described in Section 2.1, all these entities require a digital representation of their "real-world" identity. To enable secure business collaborations and transaction within the M2X Economy, this digital representation is required to establish and enable trust, reputation mechanisms, perform verifiable and accountable transactions, and establish reliable as well as auditable data provenance [1]. As M2X is a multi-stakeholder ecosystem, the identity managemen<sup>t</sup> issue applies not only for its users, but also infrastructure providers, OEMs, regulators and service providers. A single central authority for identity managemen<sup>t</sup> of all these different stakeholders poses the risk of single point of failure. Furthermore, identity silos create privacy concerns and are not interoperable [54].

As earlier argued in this section, centralized infrastructures are not suitable for facilitating the full potential of the M2X ecosystem. Hence, a centralized identity solution is not an option and a decentralized interoperable identity solution is required. In order

to prevent the aforementioned flaws and enable an open interoperable ecosystem, the identity-management solution needs to be self-sovereign and user-centric. Self-sovereign identity puts end-users in charge of decisions about their own privacy and disclosure of their personal information and credentials [54] and not the organizations that traditionally centralize identity. Self-sovereign identity systems that are based on decentralized identifiers (DIDs) [55], utilize distributed ledgers, or blockchains as a distributed storage system that replace centralized and incompatible data silos with a cooperative shared storage resource. The result is a user-controlled identity provision model where users control access and sharing of their data based on a need-to-know-basis using the concepts of DIDs, DID documents, and verifiable claims [1].
