Skip to main content
All Posts By

trustoverip

The Trust Over IP Foundation Publishes New Introduction and Design Principles

By Blog

When it was launched in May 2020, the ToIP Foundation summarized its mission in a single 20-page white paper called “Introduction to Trust Over IP”. This paper was based on an article called The Trust Over IP Stack published in the December 2019 special issue of IEEE Communications Standards Magazine called The Dawn of the Internet Identity Layer and the Role of Decentralized Identity.

Two years later, with ten times more members and double the original number of working groups, the Foundation is a much more mature organization. Despite this growth, we are very pleased that the original vision of the ToIP stack has stood the test of time.

In summer of 2021, we put out a call to all ToIP members to participate in a series of “community writing workshops” to collaboratively produce two new Foundation-wide deliverables:

  1. Introduction to ToIP V2.0 (PDF)
    This is the second-generation version of our original introductory white paper that would go more deeply into the origin and purpose of the ToIP stack and how it addresses the key challenges of decentralized digital trust infrastructure.
  2. Design Principles for the ToIP Stack V1.0 (PDF)
    This is an articulation of the key design principles we must follow in the design and development of all aspects of the ToIP stack.

We were thrilled that over two dozen members took us up on this challenge to participate over four months to produce these two documents, both of which have just been approved by the ToIP Steering Committee.

Introduction to ToIP V2.0

Our primary goal with this second-generation white paper was to make the vision and mission of ToIP accessible to a general audience—literally anyone who cares about the future of the Internet and how we can deal with the myriad security, privacy, data protection, and data sovereignty issues that have emerged as “the world’s greatest information utility” passes its first half-century of growth.

Our second goal was a “plain English” explanation of the overall structure of the four-layer, two-half sided ToIP stack using new graphics based on the wonderful interactive version developed by Peter Stoyko of Elanica. Here is the new static version of the diagram:

Diagram of the four-layer Trust Over IP Stack.

Our third goal was to provide a more complete introduction to the ToIP Foundation as a collaborative organization devoted to the design, development, adoption, and promotion of the ToIP stack—a guide to helping prospective members understand how and why to engage.

The resulting document is divided into the following sections:

  • ToIP in a Nutshell
  • Why Has Digital Trust Become Such a Major Problem?
  • The ToIP Model for Digital Trust
  • Applying This Model to the Digital World
  • The ToIP Stack
  • The ToIP Foundation
  • How to Engage with the ToIP Foundation
  • The Road Ahead

It is available as a PDF document here and on the homepage of the ToIP Foundation website

Design Principles for the ToIP Stack V1.0

To establish a truly interoperable decentralized digital trust layer for the Internet as a whole, meticulous attention must be paid to the design of the ToIP stack. Given the tremendous growth of the ToIP Foundation—from 27 original founding member organizations to over ten times as many today—it was critical to form a strong consensus among the new members about the principles governing this design.

Another key reason to establish design principles for the development of a system is summarized in this quote from the start of the document:

The goal of any design principle is to provide guidance to the designers of a product, service, or system so they can take advantage of lessons learned from the success or failure of previous designs. Design principles represent accumulated wisdom that falls in between the generality of scientific laws and the specialization of best practices.

When it comes to a layered architecture for both technology and governance of decentralized digital trust infrastructure, the “lessons learned from the success or failure of previous designs” is prodigious. Thus the writing workshops for this document continued for four months in order to bring all the relevant design principles together.

To organize the final set of 17 principles into a logical progression, we followed a rubric suggested by co-editor Victor Syntez based on a 2006 blog post by cryptography pioneer Nick Szabo. Szabo distinguished between two types of “code”:

  1. Code written in a computer language expected to be executed by a machine (“dry code”), and
  2. Code written in a human language, i.e., laws, regulations, rules, policies and other forms of governance expected to be followed by humans (“wet code”).

Accordingly, we divided the principles into three categories:

  1. Principles of computer network architecture—these “dry code” principles represent fundamental lessons learned about the design of large-scale computer networked systems, especially the Internet:

#1: The End-to-End Principle

#2: Connectivity Is Its Own Reward

#3: The Hourglass Model

#4: Decentralization by Design and Default

#5: Cryptographic Verifiability

#6: Confidentiality by Design and Default

#7: Keys at the Edge

  1. Principles of human network architecture—these “wet code” principles represent fundamental truths about how trust relationships operate between humans—either individually or in groups:

#8: Trust is Human

#9: Trust is Relational

#10: Trust is Directional

#11: Trust is Contextual

#12: Trust has Limits

#13: Trust can be Transitive

#14: Trust and Technology have a Reciprocal Relationship

  1. Overall design principles—these three remaining principles apply to the overall design of the ToIP stack, “wet or dry”:

#15: Design for Ethical Values

#16: Design for Simplicity

#17: Design for Constant Change

Care was taken to not only explain each principle in plain English, but to analyze how it applies to the design of the ToIP stack at each layer. We summarized those recommendations using this table format:

LayerRelevanceExplanation
Layer 4 The ecosystem symbol represents the purpose of Layer 4 to support the applications needed to develop and sustain entire digital trust ecosystems.
Layer 3 The triangle symbol represents the Layer 3 verifiable credential “trust triangle” of issuer, holder, and verifier that enables parties using the ToIP stack to establish transitive trust.
Layer 2 The symbol of two connected mobile phones represents the purpose of Layer 2 as a universal peer-to-peer secure privacy-routing DID-to-DID communications protocol.
Layer 1 The anchor symbol represents the purpose of Layer 1 public key utilities to provide strong anchors for Decentralized Identifiers (DIDs) and their associated public keys.

For each principle, in the “Relevance” column we assigned star ratings for each layer as follows:

★★★★★Highly relevant to the design of this layer
★★★★Very relevant to the design of this layer
★★★Moderately relevant to the design of this layer
★★Somewhat relevant to the design of this layer
Only slightly relevant to the design of this layer

Once all 17 principles had been compiled into a document with this format, the contributors felt that we had identified the “center of gravity” of the design of the ToIP stack that could now guide our work in completing it.

We strongly recommend this document for anyone who wants to deeply understand the rationale for our work at the ToIP Foundation. It is available as a PDF document here and on the homepage of the ToIP Foundation website

Acknowledgments

Our thanks to Victor Syntez and Drummond Reed for serving as co-editors for these two documents and to the following ToIP members who contributed their time and expertise:

Introduction to ToIP V2.0Design Principles for the ToIP Stack 1.0
Carly Huitema
Daniel Bachenheimer — Accenture
Darrell O’Donnell — Continuum Loop
Jacques Bikoundou
Judith Fleenor — Trust Over IP Foundation
Kaliya Young — COVID-19 Credential Initiative
Karen Hand — Precision Strategic Solutions
Karl Kneis — IdRamp
John Jordan — Province of British Columbia
Lynn Bendixsen — Indicio
P. A. Subrahmanyam — CyberKnowledge
Sankarshan Mukhopadhyay — Dhiway Networks
Scott Perry — Scott S. Perry CPA, PLLC
Vikas Malhotra — WOPLLI Technologies
Wenjing Chu — Futurewei
Antti Kettunen
Daniel Bachenheimer — Accenture
Daniel Hardman — SICPA
Darrell O’Donnell — Continuum Loop
Jacques Bikoundou
Jo Spencer — 460degrees
John Jordan — Province of British Columbia
Jonathan Rayback — Evernym
Judith Fleenor — Trust Over IP Foundation
Lynn Bendixsen — Indicio
Mary Lacity — University of Arkansas
Michel PlanteNeil Thomson — QueryVision
P. A. Subrahmanyam — CyberKnowledge
Rieks Joosten — TNO
Sankarshan Mukhopadhyay — Dhiway Networks
Scott Perry — Scott S. Perry CPA, PLLC
Steven McCown — Anonyome Labs
Thomas Cox
Vikas Malhotra — WOPLLI Technologies
Vinod Panicker — Wipro Ltd
Wenjing Chu — Futurewei

Data Governance Act meets ToIP framework

By Blog

by Jan Lindquist, Neil Thomson, Burak Serdar, Paul Knowles, Christoph Fabianek, Phil Wolff

Introduction

Europe’s Data Governance Act (DGA) reached a milestone. The European Parliament announced it “…reached a provisional agreement on a new law to promote the availability of data and build a trustworthy environment to facilitate its use for research and the creation of innovative new services and products.”

What does the Data Governance Act mean to the ToIP framework and the SSI community?

Background

The DGA defines an “intermediary” that facilitates processing and sharing of data for individuals and organizations to “…increase trust in data intermediation services and foster data altruism across the EU”. In the MyData framework for user-controlled data sharing, intermediaries are called MyData Operators and there is a certification program in place. (See references at the end of this blog post.)

The DGA intermediary has a trusting relationship with the individual. There cannot be any conflict of interest in sharing the data from the individual. In the eyes of the Act, the sharing of the data shall foster “data altruism” across the EU.

To achieve this goal, DGA provisions a certification program and rules for some public-sector data.

SSI Data Sharing Models

The Data Governance Act introduces new roles into data sharing and will set up the necessary governance for a more transparent and accountable data economy. Two main actors are introduced called Data Sharing Service or Intermediaries [refer to chapter III, Requirements Applicable to Data Sharing Service in Data Governance Act] and Data Altruistic Organizations [refer to chapter IV, Data Altruistic in same reference].

Neither of these actors shall have a financial incentive that conflicts with representing a Data Subject when personal data is made available to Third-parties or Data Using Service. The following diagram has three SSI data sharing models.

A business or organization collects personal data and shares it with a third-party often in proprietary and closed interfaces. A non-proprietary health care data exchange interface is FHIR from HL7 which created an open interoperable standard.

A cooperative or intermediary represents the individual when sharing personal data. The sharing shall be standardized and interoperable between different suppliers.

A non-profit organization, acting altruistically, facilitates sharing of data that are in the public institution’s domain. The public institutions may, for example, be health care systems.

Data Governance Act Architecture Overview
Figure 1: Data Governance Act Architecture Overview

Some similarities can be drawn with the Verifiable Credential model where the Data Subject is a Holder, an organization is the Issuer and a third-party is a Verifier.

The DGA adds intermediaries to the ToIP framework

The key difference is addition of the Intermediary. The Intermediary represents an agent for the Holder (Data Subject) which has direct control of processing of personal data through a policy engine. Figure 1 shows the ToIP framework with the actors introduced in the Data Governance Act.

ToIP control and data planes overview
Figure 2: ToIP control and data planes overview

Two layers or paths when performing data exchange are described in the diagram.

  • A data path (yellow arrows) composed of Verified Credentials (VCs) and interfaces to a data repository.
  • A control path (green arrows) that sets the conditions for personal data usage, given through a data subject consenting to collecting, processing or sharing of personal data.

Each actor in the diagram has three different role types: a data role, a Distributed Ledger Technology (DLT) role, and a privacy role.

  • The data role represents Data Subject who the collected data relates to, the Data Source that collects the data, the Data Sharing Service that processes the data prior to sharing the data, and Data Using Service which provides services based on the shared data.
  • In addition to the standard DLT roles an additional role called Intermediary is introduced. As described before, the Intermediary facilitates the processing of data on behalf of the Data Subject prior to sharing with a third party.
  • The privacy roles are the standard Data Controller/Processor, Data Subject, and Third-party. To better understand the Data Subject, it is split into two, a client and an agent. The Data Subject has direct control via the Client. The Agent allows the Data Subject to delegate control to the Agent (as a proxy).

The final aspect to understand are the key functions to enable the Intermediary to act on behalf of the Data Subject. The Intermediary requires a privacy function that applies the transformation and the privacy control selected by the Data Subject. For example the Data Subject may give consent to processing anonymized personal data that would be controlled by the privacy engine. The storage function may be in a wallet or a pseudonymized database with restricted access.

Summary

While it may look like most of the work in ToIP relate to VC’s, there is also the work from Inputs and Semantics work group that look at standardizing the storage, portability of the personal data, and creating a layered schema that helps with setting the policy engine when preparing and sharing of the data.

The Data Governance Act can be supported based on the technology being promoted in ToIP Working Groups. The work underway in ToIP Working Groups are aligned with the specific requirements of the Data Governance Act. Both ToIP and the DGA are avoiding a pervasive data ecosystem that promotes the surveillance economy. We both put a data exchange with humans at the center of any data transfer.

A future blog post will look at the Digital Markets Act in relation to ToIP. When an organization exceeds a threshold of users and net income, they are required to adhere to the rules of a Gateway stipulated by the Digital Markets Act. More in the next post.

References

🎄 ToIP Helps Santa with His Toughest Choices

By News

The Trust over IP (ToIP) Foundation announced a critical governing framework (PDF) to assist Santa in making his toughest choices during Christmas Eve.

For generations, Santa used many information sources, potentially unreliable, to choose gifts. However, with the advent of verifiable credential standards, systems, and governance, a more trustworthy ecosystem is being built which will issue NAUGHTY and NICE verifiable credentials based upon trustworthy evidence and accountability standards for all participants.

Santa on his cellphone

ToIP, working closely with the Santa-led Meaningful Gift Alliance (MEGA), applied its ground-breaking Metamodel Specification to define the ecosystem whereby trustworthy NAUGHTY and NICE credentials will be made available to Santa on Christmas Eve. This effort is expected to save Santa and his elves around 3.14159 million elf-hours per Christmas event which translates into a minimum of 742,000 additional toy deliveries for the 2.2 billion children of the world. #logistics #supplychain

Santa is thrilled. “Those NAUGHTY and NICE lists are just too difficult to scroll through when I’m out all-night delivering presents. I get acid reflux worrying that I’ll get my lists mixed up! This new ecosystem delivers all the information I need right to my satellite smartphone with the confidence I need to sail through the night!” #UXdesign

MEGA - Meaningful Gift Alliance

The Governance Framework (PDF) sets nuanced and contextual rules for the privacy protection of BAD and GOOD life events for children, used as input to the quantum-computer generated algorithm that issues NAUGHTY and NICE credentials. It also allows for parents, guardians, and child-advocates to petition on a child’s behalf.  The Glossary of Terms for uses for the MEGA Governance Framework (PDF) is supported by a Trust Over IP terms community using the Trust Over IP terms wiki tool.

“While we want to save Santa some stress, the main focus is ensuring every child gets a meaningful gift each gift-giving season.” says Nichola Hickman, Secretariat for the Meaningful Gift Alliance. “We consulted with many meaningful gift-givers, including representatives for Wookie Life Day, Mother Earth, the IFFF (International Federation of Fairy Godmothers & Tooth Fairies) and the Free Magi-Sons. They all had experienced fraud from grown-ups claiming to be children, so we are delighted with this new method of ensuring that every child gets exactly what they deserve.” 

Bids will be announced shortly for vendors for MEGA’s technical infrastructure. 

MEGA also joined the Good Elf Pass Initiative whose “interoperability blueprint” supports its crucial role as issuers of these credentials. The ground-breaking “Hypersleigh” blockchain standard will also support rapid delivery and high security for all Meaningful Gifts. #hypersleigh

For more information on these emerging ecosystems and the Trust Over IP Foundation, contact us at https://trustoverip.org/contact/.  Happy Holidays and Happy New Year!

ToIP Releases Additional Tools for Governance and Trust Assurance in Digital Trust Ecosystems

By News

Following the September announcement of its first tools for managing risk in digital trust ecosystems, today the ToIP Foundation announced three more pairs of tools to assist in the task of generating digital governance and trust assurance schemes:

  1. The ToIP Governance Framework Matrix and Companion Guide.
  2. The ToIP Trust Assurance and Certification Template and Companion Guide.
  3. The ToIP Trust Criteria Matrix Template and Companion Guide.

“These three new tools—each with its accompanying Companion Guide—are explicitly designed to simplify and streamline the process of developing robust governance for any digital trust community building on ToIP infrastructure,” said Scott Perry, co-chair of the ToIP Governance Stack Working Group (GSWG) and a certified WebTrust auditor. “They can help turn a job that often takes years into one that takes weeks or months.”

The physical credentials we use today, such as credit card and driver’s licenses, have governance frameworks and trust assurance schemes built by governments and industry associations over many years. Now we are moving to digital credentials verified using cryptography, we need to make the process of adapting these existing governance frameworks—or creating new ones explicitly tailored for digital life—much easier and faster.

“Governance is both simple and complex. Everyone has their own ideas of what Governance is and should be. The complexity comes when multiple parties need to agree on what it is and should be,” said Savita Farooqui, GSWG member and primary author of the Governance Framework Matrix. “The Governance Framework Matrix divides the problem in small chunks and provides a flexible framework to define governance and seek agreements.”

Screenshot of the Governance Framework Matrix

The Governance Framework Matrix is a recipe for setting the process of governance in motion.  Without a starter set of governance topics to drive discussion and consensus, governing bodies stall in its formation.

Trust Registry diagram, with flow arrows between various components.

The Trust Assurance Companion Guide explains in detail, in plain language, how accountability is generated from community participation in a governance framework.

“The Trust Assurance Template and Companion Guide is akin to the ‘Cliff Notes of Accountability’,” said Drummond Reed, GSWG co-chair. “When you combine it with the Trust Criteria Matrix, it means you don’t need to be a cybersecurity audit professional to grasp what is needed to meet the accountability requirements of your digital trust ecosystem.”

A DIF & ToIP joint Statement of Support for the Decentralized Identifiers (DIDs) v1.0 specification becoming a W3C Standard

By Blog

This statement was co-written by DIF and ToIP.

On 3rd August 2021, the World Wide Web Consortium proposed advancing the Decentralized Identifiers (DIDs) v1.0 specification to their W3C Recommendation stage, the ultimate level of the W3C standards process, which indicates that the specification as currently defined is technically sound, mature and ready for adoption. This includes the expectation that this will allow for widespread implementation, as well as further development and ongoing evaluation, paving the way for future versions.

Collectively, the memberships of the Decentralized Identity Foundation (DIF) and the Trust Over IP (ToIP) Foundation represent over 350 companies globally who are committed to the development and implementation of decentralized identity and trust infrastructure. Many of these organizations have contributed directly or indirectly to the W3C DID 1.0 specification for one simple reason: the DID layer of cryptographically verifiable identifiers is foundational to the common infrastructure we are building together and on top of; therefore, this spec is an integral part of DIF’s and ToIP’s shared vision for an empowered, secure and interoperable future, and in line with W3C TAG Ethical Web Principles.

As such, DIF and ToIP support the Decentralized Identifiers (DIDs) 1.0 specification becoming an official W3C Recommendation. DID 1.0 represents the efforts of over thirty active W3C Working Group contributors over the past two years— on top of contributions from dozens of others in the W3C Credentials Community Group and its predecessors for several years before that. This is a significant milestone in the digital identity sector. Having common ground for development, particularly in terms of interoperability, allows work to continue with renewed energy and focus. It also mitigates the risk of shifting goalposts, which seriously hinders long-term development, investment, and widespread adoption. 

DIDs are a critical part of a technical foundation for the products and activities of many of our members. Many of the implementations in the DID Working Group’s implementation report were developed by engineers and companies who collaborate openly at DIF on points of technical interoperability, and at ToIP on points of policy and governance. DIF also hosts the Universal Resolver, a community project which puts practical intra-DID method interoperability into practice by co-developing a “translation engine” for diverse DIDs with contributions from DIF members and non-members alike. Similarly, other DIF efforts like the DID Communications protocol and the Presentation Exchange protocol and ToIP efforts like the ToIP Trust Registry Protocol serve to align a broad range of implementations and ecosystems already building on these standards, laying the groundwork for robust interoperability across ecosystems and diverse families of technologies.

This specification is the result of half a decade of sustained, broad-based, dedicated work on the part of W3C, DIF, and ToIP members. We acknowledge also the work done by numerous, forward-thinking organizations who have already built working implementations using the provisional specification, thereby laying the foundations of new infrastructures for “identity data”. We believe DIDs will change the course of digital identity by building in better user controls, portability and interoperability at the lowest possible level, while also offering increased security and simplicity for implementers and service providers. This advancement unlocks new opportunities for our digital lives, and we look forward to leveraging DIDs and other technologies developed in the community to champion a new class of user-first, self-owned digital identity systems.

Signed,

DIF & ToIP 

October, 2021

Engaging with the Ontario Digital Identity Program

By Blog

We recently had the honor to host a presentation from our Canadian counterparts in Ontario about their technology roadmap for their Digital Identity (ID) program.

The aim of their program is to “make accessing online and in-person services simpler, safer and more secure”, and they’re aiming to introduce Digital ID later this year.

They’ve been busy since their announcement in October 2020, hosting roundtable discussions with large market participants, surveying and consulting with the public and small-to-medium businesses, developing a tech roadmap to get questions and input from private-sector partners, and publishing the technical tools they’re going to leverage.

A four-step process with accompanying images: Download, Sign up, Add your ID card, and Use your digital ID.
Ontario’s simplified version of how Digital ID will work. Read more on their website.

The recent presentation to the ToIP Foundation was to further their goal of aligning and interoperating with the broader market for digital identity. They recognize the importance of market engagement, technology standards, and of partnering with the private sector in building a digital identity ecosystem. Ultimately, all this will help drive end user adoption and the delivery of value.

The presentation covered:

  • A summary of findings from government-led public consultations on digital identity
  • An overview of Ontario’s Digital ID technology roadmap, and discussions about the technology stacks and infrastructure
  • Ontario’s proposed conceptual model for digital identity, and the principles that inform it

The presentation emphasized how the Government of Ontario’s digital identity strategy and roadmap is building upon the ToIP dual-stack model. It was exciting and gratifying to see a major public sector organization contributing to a digital identity ecosystem based on the interoperable open standards that are the heart of our efforts here at the ToIP Foundation. Equally, we hope that Ontario will benefit through exposure of their efforts to our worldwide presence—and further inspire others to adopt decentralized digital trust infrastructure.

If you are not yet a member of the Trust Over IP Foundation and wish to participate in future state-of-the-art member briefings such as this one, we encourage you to read more about membership.

A Year in Review: New Beginnings and Successes

By Blog

The Internet is one of the most extraordinary developments in human history. It is connecting the world farther, faster, and deeper than any previous communications network. It is steadily digitizing every company, industry, and economy it touches. And it is establishing new pathways for information of all types to flow.

Unfortunately, all of this has come with a growing downside. The Internet wasn’t designed with an integrated layer for digital identity, security, and privacy. As a result, we are now suffering from cybersecurity and cyberprivacy problems so severe that they have at times brought entire companies and industries to their knees.

The Trust Over IP (ToIP) Foundation was launched in May 2020 to tackle this problem at its very core: to define a complete architecture for Internet-scale digital trust. It combines cryptographic assurance at the machine layers and human accountability at the business, legal, and social layers. While ambitious, this mission is so urgent and essential that the Foundation has grown from its initial 27 founding member organizations to over ten times that number in just one year.

As part of the Foundation’s launch, working groups were established from the dedicated efforts of our founding members and volunteers. What those groups have accomplished in their first year has been phenomenal. Specifications, recommendations, guides, white papers, and glossaries have all been delivered. Through the groups’ efforts the Foundation has supported Digital Trust advances in many organizations and operations, especially important as the world grapples with the pandemic and the voluminous increase in everyday online activity.

A curved line showing various ToIP deliverables and new working groups over 2020 and 2021.

Here’s a small taste of what our working groups have been up to since their inception last year.

Technology Stack Working Group (TSWG)

The TSWG provides guidance and specifications that support the ToIP 4-layer model from a technical standpoint.

The TSWG has, amongst many accomplishments:

  • Created and pushed a Task Force recommendation that constructs a mapping of Kim Cameron’s “Laws of Identity”
  • Created a task force in late 2020 to create early specifications for Authentic Chained Data Containers. This task force is focused on the semantics of source provenance, authorization provenance, and delegation.
  • Focused the Interoperability Task Force on the creation of interoperability test suites that leverage and extend the Hyperledger Aries test suites. Multiple underlying Layer-1 technologies are being examined as well. 
  • Focused the Technical Architecture Task Force on building the TSS (ToIP Standard Specification) that defines the overall technical requirements for the four layers of the ToIP Stack
  • Created a Trust Registry Task Force to handle creation of the specifications and API (OpenAPI 3.0 compatible) for trust registries. This work was spawned from the urgent need identified by the Good Health Pass Interoperability Working Group.

Governance Stack Working Group (GSWG)

The GSWG specifies tools, templates, and other resources for developing governance frameworks (collections of rules and policies). These, in turn, support the integration of the legal, business, and social components of Digital Trust.

The GSWG has, amongst many accomplishments:

  • Made steady progress with the ToIP Governance Architecture TSS
  • Advanced the ToIP Governance Metamodel to the point where the GSWB now plans to issue it as a separate specification (apart from the ToIP Governance Architecture TSS), along with an associated Companion Guide
  • Contributed heavily to the governance framework recommendations in the Good Health Pass Interoperability Blueprint
  • Advised the authors of several ToIP-based governance framework projects in the market
  • Initiated a Trust Assurance Task Force focusing on governance risk assessment and accountability
  • Drafted a Risk Assessment Worksheet Template and associated Companion Guide 

Ecosystem Foundry Working Group (EFWG)

The EFWG facilitates a community of practice among governance authorities, implementers, operators, and service providers of Trust over IP Layer-4 ecosystems. 

The EFWG has, amongst many accomplishments:

  • Formed the Internet of Research Ecosystem Task Force to pioneer implementation of academic resource identifiers ecosystems for the research community
  • Created the COVID-19 Credentials Governance Framework Task Force to develop reference materials, best practices, and templates that enable diverse organizations to respond with technology
  • Formed the YOMA Ecosystem Task Force to create a ToIP-based Governance Framework to positively impact youth and local communities around the world
  • Formed the Human Trafficking Safety Response Task Force to research the use of ToIP models to effect the transformation of global human trafficking response
  • Drafted the initial Ecosystem Foundry Concepts and Workflow Model to aid ecosystem development and operation

Utility Foundry Working Group (UFWG) 

As with the EFWG, the UFWG also facilitates a community of practice among governance authorities, implementers, operators, and service providers, but instead for Trust over IP Layer-1 utilities.

The UFWG has, amongst many accomplishments:

  • Worked alongside utility conveners to document their utility into story formats
  • Committed best practice documents to the WG GitHub Repository, such as Decentralized Network Best Practices and Decentralized Network Design Principles
  • Worked to publish a public UFWG paper with which will incorporate many of our outputs as well as case studies from utility projects we’ve interfaced with
  • Committed to expanding the coverage of the UFWG to non-Indy-based ledgers.

Inputs and Semantics Working Group (ISWG) 

The ISWG provides an open forum for discussing the concepts and components that will ultimately shape a Dynamic Data Economy (DDE), a safe and secure decentralized data sharing economy. 

The ISWG has, amongst many accomplishments:

  • Delivered whitepapers such as Decentralized Resource Identifiers in the Research Landscape
  • Contributed to the Good Health Interoperability Blueprint (“GHP Blueprint”), such as for “Standard Data Models and Elements” and “Security, Privacy, and Data Protection”
  • Housed the Health Care Task Force (HCTF) that led to GHP Blueprint recommendations
  • Defined a privacy controller credential to ensure trustworthiness for the use of decentralized identifiers across ecosystems
  • Facilitated several presentations from external presenters of storage and portability solutions
  • Tackled important security concepts such as data correlation attacks, machine-readable data agreements, and data protection requirements

Concepts and Terminology Working Group (CTWG)

The CTWG analyzes and maintains terminology requirements of stakeholder groups within and outside the ToIP Foundation.

The CTWG has, amongst many accomplishments:

  • Maintained glossaries for the reuse of terms across groups, with mapping of terms and definitions across groups to encourage harmonization
  • Surveyed the available terminology development and maintenance tools on the market
  • Authored its own specification for a ToIP Term tool
  • Innovated with an approach called “terms wikis” to enable different stakeholder groups to develop and maintain glossaries in their own contexts.

Interoperability Working Group for Good Health Pass (IWG-GHP)

The IWG-GHP facilitated a community of practice among implementers, issuers, holders, verifiers, governance authorities, and other participants within the Good Health Pass digital trust ecosystem.

The IWG-GHP has, amongst many accomplishments:

  • Authored a blueprint based on an outline created by ID2020, going live in June 2021
  • Coordinated the meeting and responses of ten different drafting groups
  • Completed a 150-page report, the Good Health Pass Interoperability Blueprint, that makes key recommendations on how to reopen global travel with verifiable credentials for sharing COVID-19 health status (tests, vaccinations, and recovery).

There’s More To Do

Our work is just getting started! We encourage anyone interested in Digital Trust to join Trust Over IP and get involved in our working groups.

Read more about membership and find out the latest working group activity.

Here’s to our continued advancements and successes!

Trust over IP Foundation Issues Its First Tools for Managing Risk in Digital Trust Ecosystems

By Blog

The growing interest in verifiable digital credentials, such as mobile driver’s licenses or digital health passes, means companies and governments need new tools for managing risk in this decentralized infrastructure. “Risk management in financial services, such as banking and credit card networks, is a mature field,” said Scott Perry, co-chair of the ToIP Foundation Governance Stack Working Group. “But as we move into decentralized identity management, where individuals manage credentials in their own digital wallets, we need new risk management tools designed for this paradigm.”

To begin to fill this gap, today the Trust Over IP (ToIP) Foundation announced the release of the ToIP Risk Assessment Worksheet (Excel format) and Companion Guide (PDF). These new tools are intended to equip architects of digital governance frameworks — ”rulebooks” for establishing trust online—with the knowledge they need to perform a risk assessment grounded in generally accepted global standards and techniques, including:

  • Proper consideration and identification of potential risks,
  • Critical analysis of risks in terms of likelihood and severity,
  • Calculating a systematic risk impact score,
  • Triaging risks for further treatment,
  • Risk mitigation requirements and strategies,
  • Performance of an annual review to reassess existing risks and consider new ones.

The Risk Assessment Worksheet and Companion Guide provides a step-by-step method of performing a systematic risk assessment that conforms with industry-standard guidance such as ISO/IEC 27005 and NIST 800-30. This process identifies and categorizes risks by likelihood and severity in order to create a risk score that can be color-coded, and stack ranked to highlight the need for countermeasures as shown below. The Worksheet and Companion Guide include enough background and educational content that even risk assessment novices should be able to drive the risk assessment process. “A key missing piece of building open digital trust ecosystems has been a deep understanding of the various risks they introduce.

A table with Scale of Severity across the top, and Scale of Likelihood down the side

This can scare off key stakeholders“, said Darrell O’Donnell, CEO of Continuum Loop and Chair of the ToIP Governance Stack Working Group. “The Risk Assessment Worksheet is a powerful tool that helps create clarity about where the real risks are in an ecosystem and what to do about them.”

The Risk Assessment Worksheet and Companion Guide are the first deliverables from the ToIP Governance Stack Working Group (GSWG), whose mission is to produce a complete suite of tools, models, templates, and guides for digital governance frameworks. GSWG member Vikas Malhotra, CEO of WOPLLI Technologies, explained why risk assessment was at the top of the list: “Willingness to take risks is key to forming trust. A risk assessment process helps to qualify and quanfy the risk in a situation, so that the potential trustor can use the information to understand if they should take the risk or not.”

These new tools for risk assessment are already being put to use by digital trust ecosystems being incubated within the ToIP Ecosystem Foundry Working Group. An example is the YOMA governance framework for youth education and life skills credentials in Africa. “Designing a digital trust ecosystem without first assessing the specific risks it is intended to address is like laying underground pipes without testing them to determine the possibility of leakages” said Frednand Furia, who is leading the Yoma Trust Assurance Task Force. “The ToIP Risk Assessment Worksheet and Companion Guide have already proved to be very effective in architecting the YOMA Rules governance and trust framework.”

Release of the Good Health Pass (GHP) Interoperability Blueprint

By News

The Trust Over IP (ToIP) Foundation together with the Good Health Pass Collaborative (GHPC) today announced the release of the Good Health Pass (GHP) Interoperability Blueprint V1.0.0 (PDF). Produced by over 125 participating companies and organizations spanning global travel, health, cybersecurity, privacy, and government, the Blueprint is an urgently needed solution that describes how to unify the widely disparate set of digital vaccination certificate solutions on the market.

“Over the past several months, different vaccination certificate formats have been announced by at least a dozen different governments, health authorities, and industry consortia around the world, including the European Union’s Digital COVID Certificate and the World Health Organisation’s Digital Document of COVID-19 Certificates,” said John Jordan, Executive Director of the ToIP Foundation. “Each of these is good and valuable in its own right, however because they are designed to be digital health documents, they share more information than is necessary simply to prove one’s COVID-19 status for purposes of travel or entry to a venue. The Good Health Pass Blueprint was designed from the ground up to provide an international trust framework that addresses the need for a simple, secure, standard, privacy-preserving health pass that works anywhere you need to prove your health status, just like a mobile boarding pass works with any airline.”

The Good Health Pass effort began with the Good Health Pass Collaborative (GHPC) organized by ID2020, a non-profit organization focused on ethical digital identity. In February 2021, GHPC published the Good Health Pass Interoperability Blueprint Outline, which specified the key problems that needed to be solved and the core design principles that needed to be followed. GHPC then formed a partnership with the ToIP Foundation to launch the Interoperability Working Group for Good Health Pass. Working Group leadership and cross-industry expertise were also contributed by Linux Foundation Public Health (LFPH), particularly its COVID Credentials Initiative (CCI). This combined effort resulted in a fully open and transparent process that created the full Blueprint in under eight weeks.

After a public review period during June with stakeholders in air travel, government, healthcare, hospitality, and other affected sectors, the Blueprint was finalized in mid-July for final approval and publication. “Publication of the V1.0.0 Blueprint is just the first step in seeing interoperable privacy preserving digital health passes adopted in order to support people being able to gather together again with lower personal and public health risk,” said Kaliya Young, chair of the Working Group and Ecosystems Director at CCI. “Our next task is collaborating with real world implementers to fill in any remaining gaps to get to an interoperable system and working with LFPH and other partners to deliver open source code that can be deployed.”

Judith Fleenor, Director of Strategic Engagements at the ToIP Foundation, adds “The best news is that the Good Health Pass Blueprint does not compete with or replace any of the publicly announced COVID-19 health certificates. It is compatible with all of them—and others still to come. With the right software, all those health certificates can be ingested and verified in order to issue a Good Health Pass-compliant health pass. This focus on interoperability will make life much simpler and safer for both users and verifiers.”

The ToIP Foundation is especially proud of this effort because it demonstrates how applying the core principles of interoperable digital trust architecture solves global problems and builds confidence in solutions that have data integrity, portability, and confidentiality built-in. This is the fundamental motivation for creating the ToIP Stack, the ToIP Foundation’s model for developing privacy-preserving, interoperable, and decentralized digital identity solutions that form and sustain digital trust relationships.

The high-speed collaboration enabled by the Interoperability Working Group for Good Health Pass also illustrates the value of the antitrust and royalty-free intellectual property rights protections that all our Working Groups enjoy as a Linux Foundation (LF) project. “Good Health Pass is a textbook example of the kind of project the LF was formed to support,” said Brian Behlendorf, LF General Manager of Healthcare, Blockchain, and Identity. “Being able to bring together this many global experts to work so intensively in such a short period is unprecedented—and shows the kind of confidence that the LF has built in an open public collaboration process.”

We encourage you to review the Blueprint, endorse it, and adopt it—and to join the Interoperability Working Group for Good Health Pass if you would like to collaborate with other industry leaders in creating the world’s first privacy-preserving health credential interoperability framework.

Good Health Pass Collaborative Releases Draft Blueprint for Digital Health Passes in Advance of G7 Summit

By Blog, News

In an effort to restore global travel and restart the global economy, the Good Health Pass Collaborative today announced the release of the eagerly-anticipated Good Health Pass Interoperability Blueprint.

The Blueprint – released today in draft form for a three-week period of stakeholder consultations and public comment – is intended to stimulate discussion at the G7 Summit, which will open Friday in Carbis Bay, Cornwall, UK.

This announcement follows on a May 18 letter, sent by the Good Health Pass Collaborative to G7 leaders, urging them to adopt a statement of principles for digital health passes. The letter also called for the formation of a working group – composed of senior ministerial staff from G7, G20, and European Union health and transport ministries – with the task of reaching international consensus on standards by July 16.

Unprecedented global collaboration – between governments, nonprofits, universities, and the private sector – propelled the rapid development and distribution of highly effective COVID vaccines. A similar level of collaboration is urgently needed to ensure that verifiable digital health passes for international travel can be issued and universally accepted worldwide by airlines, border control agencies, and others.

Most governments already require proof of travelers’ COVID status – either through a recent negative test or, increasingly, proof of vaccination– as a precondition of entry. While dozens of solutions have been rushed to market to meet this growing demand, they vary greatly in the extent to which they protect user privacy and security and enable individuals to control access to their personal health information.

The absence of internationally recognized, consensus-based open standards – to which all solutions adhere – could leave individuals uncertain about the security and privacy of their data and even unsure of whether their health pass will be accepted for travel.

“Digital health passes offer our best hope to safely, confidently, and promptly restore global travel and restart the global economy – but only if they are widely trusted and adopted by the public and universally accepted by airlines and border control agencies,” said ID2020 executive director, Dakota Gruener. “The standards proposed in the Good Health Pass Interoperability Blueprint will make it possible for digital health pass systems around the world to be interoperable with one another, thus creating a trusted, convenient, and seamless experience for travelers as well as for airlines, airports, and border control agencies.”

Restoring international travel is vital to restarting the global economy. The World Travel and Tourism Council estimates that 61.6 million tourism-related jobs worldwide have been lost as a result of the pandemic. In 2020, travel and tourism contributions to global GDP decreased by 49.1%, a loss of $4.5 trillion (USD), nearly 18 times the impact experienced during the 2009 global financial crisis.

Under normal circumstances, it would take years to develop standards for digital health passes.

In February, ID2020 launched the Good Health Pass Collaborative, a multi-sector, global initiative to establish guiding principles for digital health passes and dramatically streamline the standards development process. Within weeks, the Collaborative grew from 25 partners to more than 125 companies and organizations from across the health, travel, and technology sectors.

Nine “drafting groups”, bringing together more than 120 experts from the health, travel, and technology sectors were managed through a partnership with the Trust Over IP Foundation the Covid-19 Credentials Initiative and Linux Foundation Public Health – all projects of the Linux Foundation.

The resulting Good Health Pass Interoperability Blueprint addresses – in considerable depth and detail – nine technical and interoperability challenges around which global consensus must be reached:

  • Design principles
  • Creating a consistent user experience
  • Standard data models and elements
  • Credential formats, signatures, and exchange protocols
  • Security, privacy, and data protection
  • Trust registries
  • Rules engines
  • Identity binding (ensuring the authenticity of the holder)
  • Governance

“This draft blueprint is historic, both in its depth and breadth of proposed standards, as well as the number of expert volunteers who contributed their time to its development,” said Gruener. “When we partnered with the Trust Over IP Foundation, we committed to an open and inclusive process. Releasing the draft for public comment today takes that commitment a step further. We felt this was incredibly important, given the range of public and private entities expected to play a role in the issuance and acceptance of digital health passes and the need to build public trust and support their adoption.”

The UK government – in its capacity as president of the G7 – has identified “leading the global recovery from coronavirus, while strengthening our resilience against further pandemic” as the highest policy priority for this 47th G7 Summit. International agreement on principles and standards for digital health passes are critical to achieving this policy priority.

About ID2020

ID2020 is a global public-private partnership that harnesses the collective power of nonprofits, corporations, and governments to promote the adoption and implementation of user-managed, privacy-protecting and portable digital ID solutions.

By developing and applying rigorous technical standards to certify identity solutions, providing advisory services and implementing pilot programs, and advocating for the ethical implementation of digital ID, ID2020 is strengthening social and economic development globally. Alliance partners are committed to a future in which all of the world’s seven billion people can fully exercise their basic human rights, while ensuring data remains private and in the hands of the individual. www.id2020.org