2015-08-22# A Trust Framework is the governance structure for a specific identity system consisting of:
- the Technical and Operational Specifications that have been developed –
- to define requirements for the proper operation of the identity system (i.e., so that it works),
- to define the roles and operational responsibilities of participants, and
- to provide adequate assurance regarding the accuracy, integrity, privacy and security of its processes and data (i.e., so that it is trustworthy); and
- the Legal Rules that govern the identity system and that --
- regulate the content of the Technical and Operational Specifications,
- make the Technical and Operational Specifications legally binding on and enforceable against the participants, and
- define and govern the legal rights, responsibilities, and liabilities of the participants of the identity system.
Examples of Identity Trust Framework#These are Examples with no regard to the compliance to anything else:
- FICAM: processes and controls for determining an identity provider’s compliance to OMB M-04-04 Levels of Assurance
- ISO 29115 Draft: a set of requirements and enforcement mechanisms for parties exchanging identity information
- Kantara: a complete set of contracts, regulations or commitments that enable participating actors to rely on certain assertions by other actors to fulfill their information security requirements
- OIX: a certification program that enables a party who accepts a digital identity credential (called the relying party) to trust the identity, security, and privacy policies of the party who issues the credential (called the identity service provider) and vice versa.
- OITF Model: a set of technical, operational, and legal requirements and enforcement mechanisms for parties exchanging identity information
NSTIC 4/15/2011 Final#The Identity Ecosystem Framework is the overarching set of interoperability standards, risk models, privacy and liability policies, requirements, and accountability mechanisms that structure the Identity Ecosystem.
A Trust Framework is developed by a community whose members have similar goals and perspectives. It defines the rights and responsibilities of that community’s participants in the Identity Ecosystem; specifies the policies and standards specific to the community; and defines the community-specific processes and procedures that provide assurance. . . . In order to be a part of the Identity Ecosystem, all trust frameworks must still meet the baseline standards established by the Identity Ecosystem Framework.
Examples of complete Trust Frameworks might include
More Information#There might be more information for this subject on one of the following: ...nobody
- [#1] - - based on data observed:2015-05-18