...
In electronic communication, a trust framework (TF) is a complete set of contracts, regulations or commitments that enables one party enable participating actors to rely on certain assurances assertions by other parties actors to fulfill its their information security requirements. Information security requirements are for example:
- Confidence in the link of a digital identity credential to a real-world identity (Authenticity)
- Compliance with safeguards for integrity, confidentiality and non-repudiation of the communication
- Adherence to the privacy policy of the data controller
- Fulfillment of a defined service level (short- and long-term availability)
- Control User control over own data (like availability for export in an open format)
...
Caveat: The term Relying Party is used in Kantara, Identity Commons and other communities as a synonym for a service provider and implies that the service provider is the only actor trusting the other parties. That is, however, only the case in a specific constellation (seeĀ Service Provider centric model ). In other scenarios other parties need to have trust relationships as well. This is why in the view of the TF any actor can be a Relying Actor.
Purpose
The objective of the TF architecture is to define a model that can improve existing frameworks and their interoperability.
...