(The following post is by a guest author. If you are interested in being a guest author as well, contact communications@nasig.org. We’d love to hear from you!)
Matthew Treskon
Project MUSE
This post describes three related technologies, discusses how they relate, and provides suggestions on how they can be used in scholarly communication.
What are International Standard Content Codes (ISCC)?
From https://iscc.codes/#a-proposal-for-a-modern-and-open-content-based-identifier
- a universal identifier for all kinds of digital content (text, image, audio, video)
- a lightweight and similarity-preserving fingerprint
- designed for cross-sector applicability (journalism, books, music, film, etc.)
- designed to identify content in decentralized and networked environments
- and most importantly it is free, open-source and transparent
In some ways, ISCC codes are like checksums. What is a checksum? By running a file against a publicly defined algorithm, a human or script can generate a hash/checksum that is unique to the file. This technology undergirds file management systems around the world in several ways, including confirmation that the file received is exactly the same as the file that was expected. If you have the file, you can generate a checksum and similarly you can generate ISCC Code
ISCC codes make use of hashes that act as checksums. If a file is even slightly different than another file, the checksums will be completely different. However, using similarity hashes, a human or program can see how different it is. There are four aspects to this difference in ISCC:
- metadata similarity (Meta Code)
- content similarity (Content Code)
- data similarity (Data Code)
- data integrity (Instance Code)
How can this be used in publishing and library data?
ISCC codes can be used to check the integrity of a file or match similar files:
- Is this file that we just received basically the same as another file?
- Has this document been modified?
- There are plenty of other uses with this tech when combined with other technologies as we’ll get to in a bit
What are Verifiable Credentials?
The longstanding procedure of issuing credentials and verifying credentials involves correspondence and centralized authority.
- If an alumnus claims that they obtained a degree from a university, they can put it on their resume
- A potential employer will then need to correspond with the university to confirm authenticity
- The university will confirm the validity of this credential by looking it up in its centralized database
Although this works, and has worked for centuries, its slowness often means that the verification process is only reserved for very important circumstances.
Verifiable credentials technology is much more expedient and just as valid a method of issuing and confirming credentials. The university degree example could be modified using Verifiable Credentials:
- Alumnus claims a degree from a university. They include a link on their resume that uses a Verifiable credentials system
- The potential employer confirms credential by following the link, knowing that the Verifiable credential system is inscrutable
- Credential is confirmed without need to correspond with university and look up in a centralized database
How does this work?
- The university issues a Verifiable Credentials to the student at graduation. This consists of a digital signature (created by public private key infrastructure) that can only be issued by the university, an inscrutable identifier of the student (their public key), and metadata (in this case the degree)
- The verifier, the employer, can look at the Verifiable Credential and confirm that only the university could have issued it
You may already use this technology on your phone using the “wallet” feature.
How can this be used in publishing and librarianship:
- Perhaps we can move beyond username and passwords!
- File sharing
- Peer review
- Providing metadata or making other claims to the content
- Proper attribution
- Social graph, binding VCs to established ID systems like ORCID-ID, ISNI
- Where else do we need to issue and confirm credentials?
Some other use cases: https://docs.creatorcredentials.com/creator-credentials/use-cases-for-creator-credentials-in-the-media-sectors
Liccium Trust Engine
Liccium Trust Engine is a new application that binds product metadata, rights information, and other claims, links, and Verifiable Credentials of trusted individuals and organizations the content-derived ISCC Codes of files. By using Liccium, an entity makes a claim on a document, such as:
- Copyright information (This is mine)
- Proof of authenticity (this is original content vs. fake news)
- Proof of human creation (this is human created vs. AI/machine generated)
- Provenance information (this is derivative of that)
Anybody using Liccium can look up a document using the ISCC codes and see claims and metadata about the document and perhaps make claims of their own. New files and their claims can be added as well.
A related service, called Creator Credentials, can be used to create verifiable credentials specific to media and content rights.
How could this be used in publishing and librarianship?
- Infer metadata from documents. If you have the document, you can look up the metadata
- Associate metadata with a document. This could really be anything
- Sometimes files are shared without metadata. Sometimes embedded metadata is stripped away. Regardless, a verifier can look up the metadata just by having the file, generating the ISCC code, and look it up
- Label document as AI opt-out
- Label content as AI generated
- Make copyright claims
- Validate authenticity
References
International Standard Content Codes
Verifiable Credentials
- https://www.dock.io/post/verifiable-credentials
- https://www.identity.com/what-are-verifiable-credentials/
- Creator Credentials project: https://docs.creatorcredentials.com/
Liccium Trust Engine
- Liccium homepage https://liccium.com
Liccium White paper (https://docs.liccium.com/whitepaper/ )