Source: NSTIC NOTES
Creating Trustmark Compounds from Trust Elements
Authored by: Kat Megas and Ken Klingenstein
Recently, there has been considerable discussion within the Identity
Ecosystem Steering Group (IDESG) and elsewhere regarding trust
frameworks, trustmarks, accreditation criteria, and identity ecosystems.
“Traditional” trust frameworks and trustmark models – which were
historically developed within monolithic schemes with a requirement for
accountability to a single enterprise program – are starting to evolve
to accommodate a broader extent of trust federation. Cross-federation
trust is also emerging, not only as a natural evolution of trust
frameworks, but also as a logical next step towards standardization of
services and business drivers for participants. As we look to advance
the National Strategy for Trusted Identities in Cyberspace (NSTIC), this
sort of cross-federation trust is essential to a vibrant Identity
Ecosystem.
In an attempt to offer some structure to these evolving discussions,
Internet2, as part of the work being conducted under its NSTIC pilot, recently presented
a list of identified trust elements from existing identity ecosystem
trust frameworks. These trust elements are organized into a “periodic
table” which shows the subject (legal, privacy, operational, etc.) that
each element addresses and indicates the layers that deal with them.
Much as molecular compounds are created by joining individual atoms,
Internet2 proposes that “trustmark compounds” can be built by combining
several of these trust elements, and arranging them in concert with one
another. Such compound trustmarks could be issued to identity ecosystem
participants in recognition of specific ecosystem aspects such as
accessibility, security, privacy, or compliance with regulations such as
HIPAA (Health Insurance Portability and Accountability Act) and COPPA
(Children’s Online Privacy Protection Act), or as defined by a community
of interest.
As a next step, the periodic table of trust elements was modified to include designation of the applicable NSTIC guiding principles, based on the set of requirements
that were derived from the NSTIC guiding principles as published by
NSTIC National Program Office (NPO). This annotation of the trust
elements with the guiding principles can help categorize elements as
they are newly discovered, as well as indicate which elements could be
assigned to compound trustmarks that relate to the guiding principles.
Complementary identity ecosystem “building blocks” are also being explored by a second pilot
awarded by the NSTIC NPO to Georgia Tech Research Institute (GTRI). As
part of this pilot, GTRI is developing a trustmark meta-framework to
facilitate effective scaling of interoperable identity solutions,
defining a trustmark as “a rigorously defined, machine-readable
statement of compliance with a specific set of technical or
business/policy rules”. This meta-framework aims to enable mutual
recognition of like trustmarks/compound trustmarks across communities of
interest and dynamic mapping between federations.
Several examples of compound trustmarks exist today across the
identity ecosystem. For example, research and education (R&E)
federations assess applications for their “research and scholarship”
characteristics, and issue trustmarks for sites that pass an audit. In
turn, that trustmark is relied upon today, by hundreds of identity
providers around the globe, to manage the release of attributes. Similar
trustmarks exist within the National Identity Exchange Federation
(NIEF), an operational identity federation that GTRI has developed and
manages on behalf of the U.S. Justice and Law Enforcement community.
Under another pilot funded by the NSTIC NPO, PRIVO is developing a
“Minors Trust Framework” that will issue a trustmark to framework
members that satisfy the Federal Trade Commission (FTC) Children’s Online
Privacy Protection Act (COPPA) requirements for minors’ access to online
content and services. Other compound trustmarks are just appearing on
the horizon. For example, an accessibility trustmark also
seems quite feasible – many of the elements, such as the necessary
schema and assessment tools, already exist.
In terms of the relationship between compound trustmarks and existing
trust frameworks, it is interesting to look at a few examples, such as
InCommon, NIEF, and SafeBioPharma, which are primarily designed to
provide a trust infrastructure for a specific community of interest
(COI). There is some variation in the trust elements
that these existing trust frameworks incorporate. This is not
surprising, as the COIs behind these trust frameworks have quite
different business purposes (e.g. academia versus law enforcement) and
they accordingly differ in which elements they address.
With the limited number of trustmarks available today – as well as the
relatively early state of the market – it is unlikely that all of them
will be composed of “modular” trustmark components.
However, in the future, one can imagine that, as interoperable
trustmarks are defined at a “reasonably” granular level, trust
frameworks could incorporate them by reference instead of developing all
the constituent requirements themselves. Thus, building trustmarks from
these common elements would greatly enhance identity ecosystem
interoperability by providing mutual recognition of those trustmarks
that are common between different federations.
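As an added illustration (not code from the NSTIC NPO, Internet2, or GTRI), the following Python sketch models the ideas in the preceding paragraphs: trust elements annotated with a subject and the guiding principles they support, compound trustmarks as sets of required elements, and trust frameworks that cover some elements directly and incorporate other compounds by reference. Every element, compound, and framework name is a constructed placeholder, not an entry from the periodic table of trust elements or from any real framework. It shows which compounds a framework earns and which trustmarks two frameworks can mutually recognize.

```python
"""Toy model of trust elements, compound trustmarks and cross-federation
recognition. All names below are constructed placeholders."""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class TrustElement:
    name: str
    subject: str            # periodic-table subject, e.g. "legal", "privacy", "operational"
    principles: frozenset   # guiding-principle annotation (constructed labels)


# Constructed element registry (placeholder names and annotations).
ELEMENTS = {
    e.name: e for e in [
        TrustElement("data-minimization", "privacy", frozenset({"privacy-enhancing"})),
        TrustElement("attribute-release-policy", "privacy",
                     frozenset({"privacy-enhancing", "interoperable"})),
        TrustElement("incident-response", "operational", frozenset({"secure"})),
        TrustElement("credential-protection", "operational", frozenset({"secure"})),
        TrustElement("parental-consent", "legal", frozenset({"privacy-enhancing"})),
        TrustElement("assistive-tech-support", "operational", frozenset({"easy-to-use"})),
    ]
}

# Compound trustmarks: a name bound to the set of elements it requires (constructed).
COMPOUNDS = {
    "privacy-baseline": frozenset({"data-minimization", "attribute-release-policy"}),
    "security-baseline": frozenset({"incident-response", "credential-protection"}),
    "minors-access": frozenset({"parental-consent", "data-minimization"}),
    "accessibility": frozenset({"assistive-tech-support"}),
}


@dataclass
class TrustFramework:
    name: str
    covered_elements: set                                    # addressed by its own requirements
    referenced_compounds: set = field(default_factory=set)   # incorporated by reference


def elements_for_principle(principle):
    """Elements whose annotation names a given guiding principle."""
    return sorted(e.name for e in ELEMENTS.values() if principle in e.principles)


def validate_compound(name):
    """Return any element a compound names that is missing from the registry."""
    return sorted(COMPOUNDS[name] - set(ELEMENTS))


def effective_elements(fw):
    """Elements a framework covers directly plus those pulled in by reference."""
    covered = set(fw.covered_elements)
    for compound in fw.referenced_compounds:
        covered |= COMPOUNDS[compound]
    return covered


def earned_trustmarks(fw):
    """Compounds whose every constituent element the framework covers."""
    effective = effective_elements(fw)
    return sorted(c for c, required in COMPOUNDS.items() if required <= effective)


def mutually_recognized(fw_a, fw_b):
    """Trustmarks both frameworks can assert: the cross-federation common ground."""
    return sorted(set(earned_trustmarks(fw_a)) & set(earned_trustmarks(fw_b)))


def demo_frameworks():
    """Two constructed frameworks: one covers privacy elements itself, the other
    incorporates the privacy compound by reference."""
    direct = TrustFramework("constructed-A", {"data-minimization", "attribute-release-policy",
                                              "incident-response", "credential-protection"})
    by_ref = TrustFramework("constructed-B", {"incident-response", "credential-protection"},
                            {"privacy-baseline"})
    return direct, by_ref


if __name__ == "__main__":
    a, b = demo_frameworks()
    print(a.name, earned_trustmarks(a))
    print(b.name, earned_trustmarks(b))
    print("mutually recognized:", mutually_recognized(a, b))
```

The point of the sketch is that framework B never lists the privacy elements itself; referencing the compound gives it the same effective coverage, so both frameworks end up asserting the same two baseline trustmarks and can recognize each other on that basis.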
It is important to note that this work is new and is evolving rapidly
as the identity ecosystem landscape becomes clearer. The work is
largely empirical, driven by the experiences of some of the NSTIC pilots
that have long been active in the operational identity infrastructure
space. We believe that ultimately the practical experience that was
reflected in the table of trust elements may help the IDESG as it
continues to work through the challenges of trust frameworks and
trustmarks, and, as with previous NSTIC NPO blogs, the intent here is to
invite additional inputs and development. There are still gaps in
understanding the trust elements – much as there were in early versions
of the Periodic Table of Elements. But while it took more than a hundred
years to sort out the issues around chemical properties, we are
confident that in a much shorter period, the identity ecosystem will
evolve and fill in these trust element gaps! As noted above, we propose
that this process of identifying trust elements and defining compound
trustmarks will ultimately lead to the mutual recognition (and
interoperability) between trust frameworks of trust aspects that are
generic (such as alignment with the NSTIC Guiding Principles), without the
need for incorporation of sector-specific considerations and
requirements. This will enhance the ability for trust frameworks
across different disciplines to interoperate and thus provide individual
users with the ability to re-use credentials, which supports
convenience and data minimization. To achieve these goals, clear and
effective definition of trustmarks will be required, so that individual
users are fully aware of the consequences of their interactions in the
ecosystem, while the incentives for adoption by identity, attribute, and
service providers are all clearly articulated. All in all, we believe
that this subject poses an interesting set of challenges and questions
for all participants in the identity ecosystem, and we look forward to
further dialog.