Definition trust
Trust is the design and implementation of measures that evaluate the chain of trust behind each credential presented by any party; the decision to accept a given level of trust depends on the risk of making a mistake.
Scope of trust
Trust ranges from IT credentials (certificates), to checking which organization has certified the subject and against what scheme, to following the trust chain up to the Trust Anchor (for example, checking whether a verifiable credential has been revoked). It also covers reputation schemes that combine historic experience into trust expectations.
Definition security
Security is the design and implementation of measures that create resistance against the detrimental effects of human error, weaknesses, or attacks by malicious actors (resilience).
Scope of security
Security ranges from IT security (development stack, libraries, code design) to operational security (employees cannot access databases), to logs, daemons and trigger warnings that detect anomalous behavior.
Approach 1: perimeter with sentry
One approach to trust and security is to set a clear perimeter on the data space and have a sentry at the gate:
- An organization is a member or not.
- Members are vetted and once they are accepted, they are trusted within the member group – possibly with a recurring check to ensure that the vetting result is still valid.
- Only vetted members can communicate within the data space.
Approach 2: perimeter-free network
The other approach is to see the network as perimeter-free, a ‘zero-trust network’:
- No hard perimeter
- Polycentric governance
  - Multiple sub-groups (large number), possibly in a hierarchy
  - With local-specific differentiation
- Zero-trust
  - Trust has to be evaluated continuously and dynamically
  - Trust chains
  - Trust core base in the polycentric governance
  - Trust sovereignty
Required level of trust
In the international business environment, the adage is ‘we do business with anybody but trust them only as far as we can see’ – meaning that trust is a dynamic and contextual characteristic, driven as much by reputation as anything else. Trust sovereignty is the logical result of this observation: the data owner is the ultimate decision maker per interaction (!) of the level of trust required versus the risk.
Assessing trust
The data owner and other actors in the network need to be able to assess the trust one can have in the digital credentials (identity and other) presented by a party. Assessing trust is costly; lowering the burden of assessment is an obvious requirement in practice.
Pillars for trust
Trust between individuals, even when acting in legal entities, is built on four pillars:
- strong social control
  - ‘If you break your word, everybody will know and you will be out of business’
  - reputation
- and/or legal enforcement
  - civil law
- technology/cryptography
- and/or neutral parties
- and/or government authorities
Trust implementation
The local BDI Association is the foundation of effective and efficient trust management in a perimeterless, zero-trust environment. Zero-trust principles require that BDI Associations do not trust anyone outside their own members and use all four pillars of trust to assess interactions with others outside of their community.
The strong social control pillar is supported by a reputation scheme:
- Members of the same association are considered trusted insiders.
- Members of other associations are considered untrusted outsiders at the outset, but that position can change when:
  - a shared reputation scheme builds experience with outsiders;
  - outsiders that commit themselves to specific legally enforceable rules set by the association become preferred partners.
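As an added illustration (not part of the original text or of any BDI specification), the following Python script models both the trust-chain check described under "Scope of trust" and the insider/outsider reputation scheme under "Trust implementation": a credential is followed from its subject through its certifiers to a Trust Anchor, a revoked credential or a missing link breaks the chain, members of the verifier's own association are trusted insiders, outsiders start untrusted and gain trust through a shared reputation score or by committing to the association's rules, and the data owner sets the required trust level per interaction according to its risk (trust sovereignty). All organization names, scores and thresholds are constructed assumptions for the example.

```python
"""Trust evaluation in a perimeter-free, zero-trust data space (added example).

Constructed model: credentials chain subject -> issuer -> ... -> Trust Anchor;
a revocation set; association membership; a shared reputation scheme; and a
per-interaction risk threshold chosen by the data owner.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Credential:
    """A certification: `issuer` certified `subject` against `scheme`."""
    subject: str
    issuer: str
    scheme: str


# --- Constructed sample data (hypothetical names, not a real data space) ---
TRUST_ANCHOR = "anchor:root"
CREDENTIALS = {
    "org:alpha": Credential("org:alpha", "cert:north", "scheme-A"),
    "org:beta": Credential("org:beta", "cert:south", "scheme-A"),
    "org:gamma": Credential("org:gamma", "cert:south", "scheme-B"),
    "org:delta": Credential("org:delta", "cert:north", "scheme-A"),
    "org:epsilon": Credential("org:epsilon", "cert:unknown", "self-declared"),
    "cert:north": Credential("cert:north", TRUST_ANCHOR, "accreditation"),
    "cert:south": Credential("cert:south", TRUST_ANCHOR, "accreditation"),
}
REVOKED = {"org:delta"}                       # revocation list of the anchor
ASSOCIATION_MEMBERS = {"assoc:harbour": {"org:alpha", "org:owner"}}
REPUTATION = {"org:beta": 0.8}                # shared experience scores, 0..1
COMMITTED_TO_RULES = {"org:gamma"}            # outsiders bound by association rules
RULES_BONUS = 0.3                             # assumed uplift for preferred partners
RISK_THRESHOLD = {"low": 0.3, "medium": 0.7, "high": 1.0}  # data owner's policy


def trust_chain(subject: str, credentials=CREDENTIALS, anchor=TRUST_ANCHOR,
                revoked=REVOKED) -> Optional[list]:
    """Follow issuer links from `subject` to the Trust Anchor.

    Returns [subject, issuer, ..., anchor], or None when a link is missing,
    a credential on the path is revoked, or the chain loops.
    """
    chain, seen, current = [subject], {subject}, subject
    while current != anchor:
        if current in revoked:
            return None
        cred = credentials.get(current)
        if cred is None:
            return None
        current = cred.issuer
        if current in seen:              # certifier cycle: no anchor reachable
            return None
        seen.add(current)
        chain.append(current)
    return chain


def trust_level(party: str, verifier_association: str, members=ASSOCIATION_MEMBERS,
                reputation=REPUTATION, committed=COMMITTED_TO_RULES) -> float:
    """Trust (0..1) that the verifier's association places in `party`."""
    if trust_chain(party) is None:
        return 0.0                        # no valid chain: nothing to build on
    if party in members.get(verifier_association, set()):
        return 1.0                        # trusted insider
    score = reputation.get(party, 0.0)    # outsider: untrusted at the outset
    if party in committed:
        score = min(1.0, score + RULES_BONUS)  # preferred partner
    return score


def decide(party: str, verifier_association: str, interaction_risk: str) -> bool:
    """Trust sovereignty: the data owner compares trust to the risk per interaction."""
    required = RISK_THRESHOLD[interaction_risk]
    return trust_level(party, verifier_association) >= required


if __name__ == "__main__":
    for org in ("org:alpha", "org:beta", "org:gamma", "org:delta", "org:epsilon"):
        chain = trust_chain(org)
        level = trust_level(org, "assoc:harbour")
        verdicts = {r: decide(org, "assoc:harbour", r) for r in RISK_THRESHOLD}
        print(f"{org:12} chain={chain} trust={level:.1f} {verdicts}")
```

The chain walk refuses loops and dead ends rather than trusting on a partial path, and a revoked credential anywhere on the path fails the whole chain; the score for outsiders is deliberately separate from chain validity, so a perfectly certified outsider still starts at zero until reputation or a rules commitment raises it.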