jspωiki
Trust Framework

Overview#

Trust Framework is a framework using a pre-negotiated set of business, legal, and technical agreements that bind Community of Interest with mutual assurance that transactions are reliable and repeatable.

In other words, a framework that is trusted by Community of Interest

A Trust Framework may follow a Trust Model

Examples of Trust Framework #

Trust Framework NIST#

The “rules” for Federated Identity Management are known as “Trust Framework” (Identity Trust Framework) and the organizations that agree to follow such rules and participate are known as “Identity Federations.”

Much Disagreement [1]#

As with all Frameworks, there is much Disagreement as to What a Trust Framework Is:
  • FICAM - processes and controls for determining an identity provider’s compliance to OMB M-04-04 Level of Assurance (LOA)
  • ISO 29115 - a set of requirements and enforcement mechanisms for parties exchanging identity information
  • Kantara Trust Framework - a complete set of contracts, regulations or commitments that enable participating actors to rely on certain assertions by other actors to fulfill their information security requirements
  • OIX - a certification program that enables a party who accepts a digital identity credential (called the relying party) to trust the identity, security, and privacy policies of the party who issues the credential (called the identity service provider) and vice versa.
  • OITF Model - a set of technical, operational, and legal requirements and enforcement mechanisms for parties exchanging identity information

More Information#

There might be more information for this subject on one of the following: