This section covers aspects of blockchain architecture that are specific to identity, security, and privacy. There are various participants in a blockchain network, such as nodes (committers, endorsers, and suchlike), dApps and client applications, and network and channel administrators. Each of these participants needs to have an identity established, because it's the identity of these participants that determines their access permissions on the blockchain network and its resources. Principle is a set of identities and properties, where identity is a user ID, and properties include the organization it belongs to, the roles it is a member of, and suchlike. Hence, it's obvious that the permissions are determined by the properties of the identities.

HLF uses X.509 certificates for identities. However, the MSP validates identities and determines whether those identities are permitted in a blockchain network. At a high level, remember that MSP has the rules, which enables identities in the blockchain network. However, those identities must be trusted and verified by the public key infrastructure.