What is a trust framework? What is it used for? Why is it important? And what goes into a trust framework?
Our colleague Esther Makaay, eID specialist at Connectis and SIDN, wrote a paper together with Tom Smedinghoff and Don Thibeau setting out a clear description of trust frameworks and their role in governing an identity system.Trust frameworks are not a new concept. They are commonly used outside of the world of digital identities, to govern a variety of multi-party systems where participants desire the ability to engage in a common type of transaction with anyone of the other participants, and to do so in a consistent and predictable manner. In such cases, they are proven to work and scale.Common examples include credit card systems, electronic payment systems and the internet domain name registration system, which all rely on a set of interdependent specifications, rules, and agreements. This set of specifications, rules and agreements is referred to by various names, such as operating regulations, scheme rules, or operating policies. In the world of identity systems they are commonly referred to as a trust framework.
“Trust Frameworks for Identity Systems”, is the first in a series of OIX white papers focused on trust frameworks that OIX is developing.The next white paper in the OIX Trust Framework series will be a global inventory of trust frameworks, trust schemes and trust lists. It will be followed by a couple of white papers taking a deep dive into trust framework use-cases.
This article oringinally was posted on openidentityexchange.org.
About Open Identity Exchange (OIX)
Open Identity Exchange is a non-profit organisation in which market leaders from various sectors join forces within secure networks. The objective of the OIX is to standardise, certify and further extend the commercial, legal and technical agreements that apply to each federation. Within Europe, the Netherlands is the front-runner with respect to federated authentication. We provide OIX information about the developments concerning DigiD, eHerkenning and eID.