CC BY-SA 4.0Kubach, MichaelMichaelKubachJohnson Jeyakumar, Isaac HendersonIsaac HendersonJohnson JeyakumarAlangot, BithinBithinAlangotDimitrakos, TheoTheoDimitrakosVargas, JuanJuanVargasWinterstetter, MatthiasMatthiasWinterstetterKrontiris, IoannisIoannisKrontiris2023-08-292023-08-292023https://publica.fraunhofer.de/handle/publica/448913https://doi.org/10.24406/publica-181910.18420/OID2023_0810.24406/publica-1819This paper discusses the challenges of transitioning from legacy federated identity systems to emerging decentralized identity technologies based on self-sovereign identities (SSI) and verifiable credentials, which are being used in initiatives such as Gaia-X and Catena-X for secure and sovereign data sharing. The adoption of SSI and decentralized identity technologies requires a standardized reference model that addresses challenges around trust in cross-border and cross organizational federations based on decentralized identities. To facilitate this transition, the paper proposes a new Fed2SSI architecture that introduces a middle layer of abstraction for the policy based transformation of credentials, enabling interoperability between legacy federated identity solutions and SSI/decentralized identity environments. The architecture is implemented in a prototype and an exemplary use case is presented to illustrate the added value of this approach.enself-sovereign identitySSIdecentralized identitydata spacesgaia-xverifiable credentialstrust infrastructuretrust policyfederated identityconference paper