1. How can selective disclosure of information be achieved?
Selective disclosure of information can be achieved by using data minimization techniques, similar to those defined in the SMART Health Cards specification. This involves using only a limited set of claims, which can include claims from HL7 FHIR and other formats like OpenEHR simSDT. By applying transformation rules to different data formats, specific pieces of information (claims) can be expressed as 'claim name' and 'claim value'. Additionally, information can be shown as a Uniform Resource Identifier (URI) format for interoperability, allowing specific verifiable information to be set in an information system. Individuals can make requests to API services to obtain specific information about an individual, and verifiers can request specific claims to receive approved and verified information in a harmonized manner.
read more
2. What is Selective Disclosure for JSON Web Tokens (SD-JWT)?
Selective Disclosure for JSON Web Tokens (SD-JWT) enables selective disclosure of claims in a signed JWT, allowing sharing only specific claims instead of revealing all information. When issuing a SD-JWT, the issuer sends a JWT containing the digests of the original data and the specific Disclosures. The holder decides which claims to disclose to a verifier. The verifier verifies the disclosed claim names and values using the Disclosures to extract the original JSON data and check the digests over the source data in the JWT. This method is used in FHIR endpoints to disclose only certain elements of FHIR resources. An interoperable URI (iURI) is proposed to manage selective disclosure of information in a harmonized manner.
read more
3. How can an interoperable URI be converted to a DID?
To convert an interoperable URI to a DID, the URI type can be replaced from 'urn' to 'did'. The reverse-DNS format can be used to define both the claim name and the coding system used to represent the value of a claim. For example, an interoperable URI like 'urn:unid:individual:cds:v1:identity:person:x-uhcmid:uuid:<uuid-v4>' can be converted to a DID by replacing the URI type with 'did'. This allows the interoperable URI to be used as the ID of an electronic credential about an entity or another entity, such as expressing the relationship between a newborn and the natural mother registered in a healthcare provider.
read more