
BDI: Trust Autonomy

The BDI framework emphasizes perimeterless trust, allowing each data owner to control whom they trust, without a central authority enforcing rules and validating them. Trust registers, trust anchors and identity mechanisms are local and adaptable, with flexibility in interoperability and endpoint discovery. Compliance is voluntary, driven by business value, and the framework supports varying global and local adaptations in identity verification and trust levels.

Perimeter-less trust

In principle, trust is individually assessed by each data owner for every entity seeking to exchange data. This concept of trust sovereignty means that each data owner retains full control over whom they trust. While efficiency may drive groups to establish their own trust perimeters, these perimeters are flexible and do not restrict data exchanges with entities outside their defined boundaries.

 

No common or global Authority

There is no overarching Authority to enforce the certification of interfaces, manage onboarding processes, or ensure adherence to data licenses. Compliance within the BDI framework is entirely voluntary, motivated by the practical benefits and business value it offers. The BDI framework does not, however, forbid such an authority when it is created by the entities involved. The BDI reference architecture supports such BDI Associations.

 

No (unique) shared register of all onboarded parties

Registers of trusted entities are typically local or individual. For example, a platform or company may maintain its own register of trusted partners. If the need for interoperability within a group grows, a common register can be established, often through a BDI Association.

The BDI framework provides a federated mechanism for previously unknown entities to identify themselves to a data-owning party. This allows the data owner to verify the entity’s claims and decide whether sufficient trust exists to proceed with the interaction.

 

Discovery of endpoints

Only endpoints need to be discovered, not data services. The assumption is that a business relationship already exists before data exchanges occur as part of the operation. Endpoint discovery is treated as a generic mechanism, such as through DNS.

 

Uncertainty about the quality of Identity Providers

In a global business environment, there are various ways to identify an entity, person, or IT system. For example, dealing with SMEs in less IT-mature regions may require simpler methods of identification, albeit with lower associated trust levels. Depending on what is required, identification mechanisms are chosen to suit the needs of the parties involved.

 

Subsidiarity, Global Differentiation, and Local Adaptations

In the BDI framework, the principles of subsidiarity, global differentiation, and local or sectoral adaptations are prioritized over enforcing strict interoperability. Natural business drivers are expected to lead to varying degrees of interoperability among different groups.

 

The Core Principles of the BDI framework reflect these observations.

 
