This Recommendation identifies security threats to confidentiality, integrity and availability (CIA) of decentralized identity management systems using distributed ledger technology (DLT) and specifies security requirements against the identified security threats. Based on use cases of decentralized identity management systems using DLT, this Recommendation defines decentralized identity management models (such as basic model, custody and delegation model and self-issue model) and assurance levels (such as AL1 (Low), AL2 (Substantial) and AL3 (High)) accordingly. For example, the basic model can be applied to AL2 or AL3. The custody and delegation model can be applied to AL2 or AL3. Also, the self-issue model can be applied to AL1; for example, aspects of claims, a driving licence can be applied to AL3. A vaccination certificate can be applied to AL2, and a digital business card can be applied to AL1.